Skills
skills/rshade/agent-skills/scout/Gen Agent Trust Hub

scout

Pass

Audited by Gen Agent Trust Hub on Apr 22, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to execute shell commands using variables that may be derived from user input, such as the ${BRANCH} variable in the Specific branch section. If a user provides a branch name containing shell metacharacters (e.g., ; rm -rf /), it could lead to arbitrary command execution depending on how the agent environment handles string interpolation.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it reads and processes the full content of untrusted source files.
  • Ingestion points: Full content of files identified via git diff or explicit user lists (SKILL.md).
  • Boundary markers: None specified; the agent is instructed to read the full content without delimiters or instructions to ignore embedded commands.
  • Capability inventory: The agent has the capability to execute shell commands (git) and access the local filesystem.
  • Sanitization: No sanitization or validation of the ingested file content is performed before analysis.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 22, 2026, 09:59 AM