agent-upgrade

Pass

Audited by Gen Agent Trust Hub on Mar 23, 2026

Risk Level: SAFE
Findings: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the Bash tool to perform repository management tasks, including listing files, searching with grep, and executing a local Python script scripts/learning-db.py to retrieve learning data.
  • [PROMPT_INJECTION]: The skill contains a surface for indirect prompt injection because it ingests and analyzes the content of other agent and skill files to identify structural gaps and propose improvements.
  • Ingestion points: Repository files located in the agents/ and skills/ directories and the output from scripts/learning-db.py.
  • Boundary markers: Absent. The skill lacks instructions to treat ingested file content as untrusted or to ignore instructions embedded within those files.
  • Capability inventory: The skill is granted significant permissions, including the ability to run shell commands via Bash and to modify files using Edit and Write.
  • Sanitization: Absent. There are no mechanisms described for sanitizing or validating the data extracted from target files before it is used in the upgrade process.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 23, 2026, 04:36 PM