skill-audit

Pass

Audited by Gen Agent Trust Hub on Apr 16, 2026

Risk Level: SAFE
PROMPT_INJECTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because its core workflow involves reading and performing qualitative analysis on untrusted skill files.
    • Ingestion points: The skill reads SKILL.md and referenced files from user-specified directories as part of both the static analysis script and the AI-driven judgment workflow.
    • Boundary markers: Absent. No instructions are provided to the agent to treat audited file content as data only or to ignore embedded instructions.
    • Capability inventory: The skill utilizes Read, Grep, and Bash tools (specifically for python, uv, rg, and find), which could be misused if the agent inadvertently executes instructions found in the audited content.
    • Sanitization: Absent. Raw text from audited files is passed directly into the agent's context for review.
  • [COMMAND_EXECUTION]: The skill executes a bundled Python script for static analysis using the Bash tool.
    • Evidence: The Workflow section of SKILL.md instructs the user to run python scripts/skill_audit.py <skill-path>.
  • [EXTERNAL_DOWNLOADS]: The skill recommends the installation of the pyyaml library.
    • Evidence: SKILL.md includes a recommendation to run pip install pyyaml. pyyaml is a well-known, widely used, and trusted library for parsing YAML data.
Audit Metadata
  Risk Level: SAFE
  Analyzed: Apr 16, 2026, 01:52 PM