skills/nemostein/skills/isolate/Gen Agent Trust Hub

isolate

Pass

Audited by Gen Agent Trust Hub on Jul 17, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes local PowerShell and Bash scripts to run a Node.js utility. User-provided parameters such as branch names are passed using safe array-based argument handling, mitigating shell injection risks.
  • [PROMPT_INJECTION]: An indirect prompt injection surface exists in the handoff mechanism. Untrusted task intent is ingested (SKILL.md, Step 1) and passed to a new session via CLI arguments in the launcher scripts (Capability), without explicit boundary markers or sanitization to prevent the propagation of malicious instructions between sessions.
  • [REMOTE_CODE_EXECUTION]: The skill depends on a script located at a relative path within the package structure. It does not perform network-based code downloads or execute instructions from untrusted external sources.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 17, 2026, 04:55 AM
Security Audit — agent-trust-hub — isolate