update-allowed-tools
Pass
Audited by Gen Agent Trust Hub on Apr 29, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill serves as a structural utility for maintaining agent skill manifests. It uses "Read" and "Glob" to identify tool calls in skill definitions and "Edit" to update the permission lists.
- [INDIRECT_PROMPT_INJECTION]: The skill analyzes the content of other files to determine manifest updates.
- Ingestion points: Target SKILL.md and sibling files in the same directory.
- Boundary markers: None; the skill scans the full file body for tool names and Bash command patterns.
- Capability inventory: "Read", "Glob", "Grep", and "Edit" (used to update the target skill's frontmatter).
- Sanitization: No validation or sanitization of detected command strings is performed before they are proposed for inclusion in the "allowed-tools" metadata.
Audit Metadata