Skills
skills/synapseradio/ai-skills/runbook/Gen Agent Trust Hub

runbook

Pass

Audited by Gen Agent Trust Hub on May 12, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: The skill establishes autonomous workflows that read from the local codebase and metadata files, creating an attack surface for indirect prompt injection.\n
  • Ingestion points: As defined in references/loop-prompt.md, the agent reads the project codebase, FOCUS.md, and LEARNINGS.md to identify and execute tasks.\n
  • Capability inventory: The resulting autonomous loop is empowered to spawn subagents, execute shell-based tests, perform git commit operations, and use CronCreate for scheduling.\n
  • Boundary markers: The instructions do not employ specific boundary markers or delimiters to protect the agent from instructions embedded within the codebase content being processed.\n
  • Sanitization: Content read from the codebase is not sanitized before being provided to the subagents for task execution.\n- [COMMAND_EXECUTION]: The skill generates prompts that instruct the agent to perform file system and shell operations as part of its autonomous cycle.\n
  • Evidence: The loop prompt template in references/loop-prompt.md directs the agent to run tests, commit code changes, and manage tasks via the command line. These are core functionalities of the skill's intended purpose.\n- [EXTERNAL_DOWNLOADS]: The skill provides installation instructions that involve downloading content from a remote repository.\n
  • Evidence: The README.md file recommends installation via npx skills add https://github.com/synapseradio/ai-skills, which fetches content from the author's public GitHub repository.
Audit Metadata
Risk Level
SAFE
Analyzed
May 12, 2026, 09:10 PM