Skills
skills/plow-pbc/openseed/seed-audit/Gen Agent Trust Hub

seed-audit

Pass

Audited by Gen Agent Trust Hub on Jun 15, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses standard Unix utilities such as grep, find, and awk to analyze repository content. It employs a secure file-writing procedure using mktemp and mv to avoid potential symlink-based security issues.
  • [EXTERNAL_DOWNLOADS]: The skill references an installation script at https://raw.githubusercontent.com/plow-pbc/openseed/main/install.sh. This is a vendor-owned resource used for setup.
  • [REMOTE_CODE_EXECUTION]: The provided installation method involves executing a remote shell script via bash. This is a standard deployment pattern for this vendor's tools.
  • [PROMPT_INJECTION]: The audit-malicious.md file contains prompt injection patterns. These are explicitly provided as search strings for auditing purposes rather than instructions for the agent's own behavior.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 15, 2026, 05:03 PM
Security Audit — agent-trust-hub — seed-audit