llm-index

Pass

Audited by Gen Agent Trust Hub on Jun 18, 2026

Risk Level: SAFE

EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, PROMPT_INJECTION

Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill's instructions require fetching the mindex CLI tool from the author's public GitHub repository (https://github.com/varlabz/mindex).
  • [REMOTE_CODE_EXECUTION]: The skill utilizes uvx to execute code directly from the vendor's Git repository (git+https://github.com/varlabz/mindex), which is the designated method for the tool's operation.
  • [COMMAND_EXECUTION]: The skill uses shell commands to interface with the mindex tool for indexing, searching, and reading local filesystem data.
  • [PROMPT_INJECTION]: The skill processes potentially untrusted data from local files, creating a surface for indirect prompt injection.
      • Ingestion points: Data is ingested through mindex search, fsearch, and read commands in SKILL.md.
      • Boundary markers: The skill lacks explicit delimiters or instructions for the agent to ignore commands embedded within the retrieved file content.
      • Capability inventory: The agent is authorized to use the shell tool for executing filesystem and indexing commands.
      • Sanitization: There is no documented validation or filtering of the file content before it is processed by the agent.

Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Jun 18, 2026, 05:29 PM