Skills
skills/sd0xdev/sd0x-dev-flow/risk-assess/Gen Agent Trust Hub

risk-assess

Pass

Audited by Gen Agent Trust Hub on Apr 20, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The script scripts/risk-analyze.js executes shell commands including git rev-parse, git diff, git status, git log, and grep to perform its analysis. These commands are necessary for the stated functionality and are executed with arguments passed through an array, which is a safe practice.
  • [PROMPT_INJECTION]: The skill has an indirect prompt injection surface (Category 8) because it ingests and processes untrusted data from the repository diffs and file contents.
  • Ingestion points: scripts/risk-analyze.js reads raw output from git commands and reads files like package.json and .env.
  • Boundary markers: The SKILL.md instructs the agent to parse the structured JSON output, providing a functional boundary.
  • Capability inventory: The skill can read repository metadata and content but lacks network access and file writing capabilities.
  • Sanitization: The script extracts function signatures and config keys but does not specifically sanitize the extracted strings before providing them to the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 20, 2026, 07:24 PM
Security Audit — agent-trust-hub — risk-assess