skill-resume
Pass
Audited by Gen Agent Trust Hub on May 9, 2026
Risk Level: SAFE | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes a local script, ./scripts/octo-state.sh, to retrieve project state variables and determine the appropriate context tier. This is a standard integration for managing persistent workflow state within a project environment.
- [PROMPT_INJECTION]: The skill ingests data from multiple project files, which creates a surface for indirect prompt injection if these files contain instructions designed to override agent behavior.
  - Ingestion points: Processes contents from .octo-continue.md, .octo/STATE.md, and .octo/PROJECT.md using cat, grep, and sed.
  - Boundary markers: Absent; the content from these files is placed directly into the agent's context without delimiters or warnings to ignore embedded instructions.
  - Capability inventory: Includes shell command execution, local script invocation, and file system access.
  - Sanitization: Absent; the skill assumes the integrity of the state files generated by its own ecosystem.