update-skill

Pass

Audited by Gen Agent Trust Hub on May 9, 2026

Risk Level: SAFE · COMMAND_EXECUTION · PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill's primary function is to generate and refine instructions (SKILL.md files), which creates an indirect prompt injection surface. User-provided content for new skills could potentially include malicious instructions that would then be saved into the repository.
      • Ingestion points: User input defining the content and behavior of new or updated skills in SKILL.md.
      • Boundary markers: Absent; the skill does not provide instructions on how to delimit or isolate user-provided content from the overall skill structure.
      • Capability inventory: The agent is expected to use file-writing capabilities to create or modify SKILL.md and related reference files.
      • Sanitization: Absent; there is no mention of sanitizing or validating the safety of the instruction content being generated.
  • [COMMAND_EXECUTION]: The skill suggests running a local CLI tool, skills-ref, to validate that the frontmatter and naming conventions of a skill are correct.
  • [EXTERNAL_DOWNLOADS]: References a GitHub repository (github.com/agentskills/agentskills) as a source for the validation tool and additional documentation.
Audit Metadata
Risk Level: SAFE
Analyzed: May 9, 2026, 04:53 PM