skills/zenon-red/skills/nexus-vote/Gen Agent Trust Hub

nexus-vote

Pass

Audited by Gen Agent Trust Hub on May 30, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes a custom probe command-line utility to interact with the voting ecosystem, including inspecting actions, retrieving idea details, and casting votes.
  • [EXTERNAL_DOWNLOADS]: Organizational strategy guidelines (PHASE.md) are fetched from GitHub repositories using the GitHub CLI (gh api). This content is dynamically retrieved based on the organization associated with the incoming action.
  • [PROMPT_INJECTION]: The skill is subject to indirect prompt injection as it processes the contents of an external PHASE.md file to guide its scoring and evaluation logic. 1. Ingestion points: PHASE.md content fetched via GitHub API in Step 3 of the workflow. 2. Boundary markers: No delimiters or ignore instructions are used when processing the fetched file. 3. Capability inventory: Subprocess calls to probe and gh are available. 4. Sanitization: No validation or sanitization of the retrieved markdown content is performed before it is injected into the agent context.
Audit Metadata
Risk Level
SAFE
Analyzed
May 30, 2026, 02:11 AM
Security Audit — agent-trust-hub — nexus-vote