script-rules
Pass
Audited by Gen Agent Trust Hub on Mar 19, 2026
Risk Level: SAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill provides instructions for the agent to generate and execute shell commands and TypeScript scripts via Deno. It explicitly details methods for file system interaction (reading, writing, and directory traversal) and subprocess execution (using 'Deno.Command' and shell pipes).
- [PROMPT_INJECTION]: The skill instructs the agent to create scripts that ingest untrusted data from the local environment (e.g., 'Deno.readTextFile', 'cat file.txt'). This creates a surface for indirect prompt injection because the rules lack instructions for sanitizing external content or using boundary markers to prevent malicious data from influencing the agent's logic.
  - Ingestion points: Processes files and directory contents via 'Deno.readDirSync', 'Deno.readTextFileSync', and shell commands in 'SKILL.md'.
  - Boundary markers: Absent from the script generation guidelines.
  - Capability inventory: Full file system access, shell command execution, and Deno subprocess spawning as described in 'SKILL.md'.
  - Sanitization: No instructions are provided for escaping or validating data retrieved from the file system before it is used in logic or output.
Audit Metadata