skills/tw93/claude-health/check/Gen Agent Trust Hub

check

Pass

Audited by Gen Agent Trust Hub on May 20, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes various system commands to perform its duties. It uses git for repository state management, diffing, and logging. It uses the GitHub CLI (gh) for viewing and managing issues and pull requests, including API calls to post comments and reactions. It executes project-specific verification tools such as npm test, cargo test, make, and pytest via the scripts/run-tests.sh script to validate changes. In Plan Execution Mode, it is instructed to work through items in a plan which may involve executing shell commands.
  • [PROMPT_INJECTION]: The skill operates as an interface for reviewing external data, creating an attack surface for indirect prompt injection. Ingestion points: The agent reads content from external sources including git diff outputs, GitHub issue/PR summaries, and user-provided screenshots. Boundary markers: There are no explicit delimiters defined in the instructions to separate untrusted content from the agent's core instructions. Capability inventory: The agent has the ability to execute shell commands (via tests and plans) and perform write operations to GitHub. Sanitization: The instructions do not specify any sanitization or filtering of the external data before it is incorporated into the agent's context.
Audit Metadata
Risk Level
SAFE
Analyzed
May 20, 2026, 04:55 PM
Security Audit — agent-trust-hub — check