crowddigital-kb

Pass

Audited by Gen Agent Trust Hub on Apr 5, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses shell commands including mkdir, cd, ls, tree, find, and grep to organize and search documents within the ~/workspace/crowddigital-kb directory.
  • [EXTERNAL_DOWNLOADS]: Fetches knowledge base repositories from the organization's internal git server (git@git.zhongshu.tech) using git clone and git pull.
  • [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface by processing content from external repositories.
    • Ingestion points: Markdown files downloaded into ~/workspace/crowddigital-kb/ from strategy-docs/ repositories.
    • Boundary markers: None specified in the instructions for isolating or labeling external content.
    • Capability inventory: Shell command execution (git, find, grep) and file reading operations.
    • Sanitization: No explicit sanitization or validation of the downloaded content is described before the agent processes it.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 5, 2026, 07:43 AM