agent-bridge

Pass

Audited by Gen Agent Trust Hub on Mar 29, 2026

Risk Level: SAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill invokes git diff --stat to harvest information about completed and pending work within the project.
  • [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface because it aggregates untrusted data from session history and code changes, then writes this data into instruction-carrying configuration files like .cursorrules and CLAUDE.md.
      • Ingestion points: Project status (via git diff) and session history from current files are captured in the Bridge workflow.
      • Boundary markers: The skill does not explicitly describe the use of delimiters or 'ignore' instructions to encapsulate harvested content within the generated target agent configuration files.
      • Capability inventory: The skill performs file-write operations to .agent-monad/handoff.md, CLAUDE.md, and .cursorrules to influence future agent behaviors.
      • Sanitization: No mechanisms for sanitizing or escaping potentially malicious instructions embedded in the project files or conversation history are identified.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 29, 2026, 08:41 AM