Skills
skills/steveclarke/dotfiles/ship/Gen Agent Trust Hub

ship

Pass

Audited by Gen Agent Trust Hub on Apr 21, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill has a potential surface for indirect prompt injection as it ingests untrusted data from git logs and pull request metadata to generate descriptions for new pull requests.
  • Ingestion points: Data is read from git log --oneline and gh pr view in SKILL.md.
  • Boundary markers: Absent; the skill interpolates the gathered information directly into the markdown body of the PR.
  • Capability inventory: The skill has the ability to push code (git push) and create pull requests (gh pr create) as documented in SKILL.md.
  • Sanitization: Absent; commit messages are used to populate PR summaries without explicit validation or escaping.
  • [COMMAND_EXECUTION]: The skill extensively uses shell commands and local scripts to coordinate its automated pipeline.
  • Evidence: It executes git, gh, sed, grep, and a bundled bash script (scripts/readiness.sh) to manage project state and provide a status dashboard.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 21, 2026, 01:33 PM