Skills
skills/partme-ai/full-stack-skills/skill-installer/Gen Agent Trust Hub

skill-installer

Pass

Audited by Gen Agent Trust Hub on May 9, 2026

Risk Level: SAFE
Full Analysis
  • [INDIRECT_PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection as it processes content from external files.
  • Ingestion points: The getMarketplaceSkills function in index.ts reads marketplace.json and subsequently reads and parses the content of SKILL.md files from paths specified in the marketplace data.
  • Boundary markers: None. The skill does not use specific delimiters or instructions to ignore potential commands embedded in the SKILL.md files.
  • Capability inventory: The skill has permissions to read and write to the local filesystem (specifically installed_skills.json).
  • Sanitization: None. The skill naively extracts the first header and first non-header line as name and description using regex and string splitting.
  • Note: This behavior is central to the skill's primary purpose of skill discovery and metadata management.
Audit Metadata
Risk Level
SAFE
Analyzed
May 9, 2026, 10:08 PM