skillsman-next-prompt

Pass

Audited by Gen Agent Trust Hub on May 7, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill uses read-only commands like pwd and git status to gather context about the user's workspace. This information is used strictly to improve the quality and relevance of the generated prompts and does not involve any sensitive data exfiltration or unauthorized system modifications.
  • [SAFE]: The workflow incorporates security best practices by recommending human approval gates for any irreversible or risky actions proposed in the generated prompts.
  • [SAFE]: Analysis of the Indirect Prompt Injection surface (Category 8): 1. Ingestion points: conversation history and repository state; 2. Boundary markers: structural headers in the output format; 3. Capability inventory: read-only shell commands (pwd, git status); 4. Sanitization: no explicit sanitization of input data is described. The risk is assessed as safe due to the limited scope and read-only nature of the operations.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: May 7, 2026, 10:58 AM