skill-vetter
Pass
Audited by Gen Agent Trust Hub on Mar 21, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Fetches repository information and skill files from GitHub's official API and raw content domains to facilitate security reviews.
- [COMMAND_EXECUTION]: Provides bash commands using curl and jq to retrieve and parse structured data from external repositories for auditing.
- [PROMPT_INJECTION]: Ingests untrusted markdown and JSON content from third-party repositories. While this presents an indirect prompt injection surface, the skill is specifically designed to facilitate manual review of such content to identify malicious patterns.
Audit Metadata