skillsman-agents-md
Pass
Audited by Gen Agent Trust Hub on May 7, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it reads untrusted data from the local repository (e.g., README.md, existing AGENTS.md, configuration files) to generate or update agent instructions. If these source files contain malicious instructions, the agent might incorporate them into the output.
  - Ingestion points: Reads various project files including AGENTS.md, CLAUDE.md, README.md, and build/test configurations as specified in SKILL.md (Workflow Step 2).
  - Boundary markers: Absent. The skill does not instruct the agent to use delimiters or ignore embedded instructions in the source files.
  - Capability inventory: The skill allows creating and updating instruction files (Workflow Step 1).
  - Sanitization: Absent. There are no instructions to sanitize or validate the content read from the repository.