Skills
skills/steloit/squad-skills/squad-batch-run/Gen Agent Trust Hub

squad-batch-run

Pass

Audited by Gen Agent Trust Hub on Jun 16, 2026

Risk Level: SAFEDATA_EXFILTRATIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [DATA_EXFILTRATION]: The skill accesses local configuration and authentication files located at ~/.squad/auth and ~/.squad/config to retrieve user credentials and API settings for the Squad platform.
  • [COMMAND_EXECUTION]: Executes several shell commands to manage the batch workflow:
  • curl is used to verify connectivity to the task board and log activity events.
  • python3 executes the local scripts/plan_batch.py script to resolve task ordering.
  • git commands (git status, git diff) are used to check for workspace conflicts and verify implementation results.
  • [EXTERNAL_DOWNLOADS]: Fetches task metadata, dependency relationships, and status information from the vendor's API (defaulting to steloit-squad.vercel.app). This data is used to plan the execution order and determine parallelization safety.
  • [INDIRECT_PROMPT_INJECTION_SURFACE]: The skill parses free-text task descriptions from the remote API for specific metadata tags (e.g., Parallel-safe: yes, Touches: module).
  • Ingestion points: Task descriptions retrieved via urllib in scripts/plan_batch.py.
  • Boundary markers: None; descriptions are parsed directly using regular expressions.
  • Capability inventory: The skill can trigger sub-skills (squad-run, squad-refine) and execute shell commands (curl, git).
  • Sanitization: No sanitization is performed on the ingested task metadata before it influences the planning logic.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 16, 2026, 11:03 PM
Security Audit — agent-trust-hub — squad-batch-run