takumi-rs-core-skilld
Pass
Audited by Gen Agent Trust Hub on Jun 21, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill recommends using
npx -y skilld search, which facilitates the download and execution of theskilldpackage from the NPM registry at runtime. This is presented as a standard method for searching the library documentation. - [COMMAND_EXECUTION]: Instructs the agent to perform searches using the
skilldcommand ornpx -y skilld searchto find information within the library's indexed documentation, releases, and issue trackers. - [PROMPT_INJECTION]: The
skilld searchfunctionality ingests data from external sources such as GitHub issues and discussions, creating a surface for indirect prompt injection. - Ingestion points: Output from the
skilld searchcommand referenced inSKILL.md. - Boundary markers: None present in the skill instructions.
- Capability inventory: The skill focus is documentation and best practices; it does not include scripts or commands for file manipulation or arbitrary network operations beyond the documentation search.
- Sanitization: No sanitization of the external search results is described.
Audit Metadata