sigil
Pass
Audited by Gen Agent Trust Hub on Apr 30, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill does not exhibit any malicious behavior such as prompt injection, persistence mechanisms, or unauthorized privilege escalation. It adheres to established development practices for AI agent extensions.
- [DATA_EXFILTRATION]: The instructions include a clear security mandate to never include secrets, credentials, or machine-specific private data in the generated skill files. This is reinforced in the core contract and validation rules.
- [PROMPT_INJECTION]: While the skill processes external project data (representing an indirect prompt injection surface), it mitigates this risk through defensive prompting, strict formatting requirements (kebab-case names, specific description triggers), and a 12-point quality rubric that includes manual verification before installation.
- [COMMAND_EXECUTION]: The documentation references the platform's dynamic context injection syntax (!command) for legitimate use cases. The examples provided (e.g., checking git branches or reading package dependencies) are common development workflows and do not present a security risk in this context.