setup-phoenixtw-skills

Pass

Audited by Gen Agent Trust Hub on May 6, 2026

Risk Level: SAFE; categories flagged: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes git remote -v and reads .git/config to identify the repository's origin and configure the issue tracker context.
  • [EXTERNAL_DOWNLOADS]: Mentions the official GitLab CLI tool (glab) and provides a link to its repository on gitlab.com, which is a well-known service.
  • [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface by reading repository files (AGENTS.md, CLAUDE.md, CONTEXT.md) and incorporating their content into the configuration workflow.
      • Ingestion points: AGENTS.md, CLAUDE.md, CONTEXT.md, CONTEXT-MAP.md, .git/config.
      • Boundary markers: None; the skill reads existing configuration files directly.
      • Capability inventory: Writes to metadata and documentation files; executes git for environment discovery.
      • Sanitization: None; the skill relies on local file content to populate its configuration templates.
Audit Metadata
Risk Level: SAFE
Analyzed: May 6, 2026, 10:55 AM