Skills
skills/soul-brews-studio/oracle-skills-cli/about-oracle/Gen Agent Trust Hub

about-oracle

Pass

Audited by Gen Agent Trust Hub on Mar 17, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes various system commands including git, gh, bun, ls, and cat to introspect the project environment and gather metadata such as commit history and file structures.
  • [EXTERNAL_DOWNLOADS]: It fetches repository lists and issue content from the Soul-Brews-Studio GitHub organization using the gh tool to provide up-to-date project information.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface due to processing external data.
  • Ingestion points: Content is retrieved from the body of GitHub issue #60 in the Soul-Brews-Studio/oracle-v2 repository via the gh CLI.
  • Boundary markers: None identified; the content is processed and presented directly to the agent context.
  • Capability inventory: The skill can execute shell commands (git, gh, bun), read local files, and list directories.
  • Sanitization: No explicit sanitization or instruction-ignoring delimiters are applied to the fetched GitHub content before it is processed.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 17, 2026, 06:45 AM
Security Audit — agent-trust-hub — about-oracle