nexus-vote
Pass
Audited by Gen Agent Trust Hub on May 30, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes a custom probe command-line utility to interact with the voting ecosystem, including inspecting actions, retrieving idea details, and casting votes.
- [EXTERNAL_DOWNLOADS]: Organizational strategy guidelines (PHASE.md) are fetched from GitHub repositories using the GitHub CLI (gh api). This content is dynamically retrieved based on the organization associated with the incoming action.
- [PROMPT_INJECTION]: The skill is subject to indirect prompt injection as it processes the contents of an external PHASE.md file to guide its scoring and evaluation logic. 1. Ingestion points: PHASE.md content fetched via GitHub API in Step 3 of the workflow. 2. Boundary markers: No delimiters or ignore instructions are used when processing the fetched file. 3. Capability inventory: Subprocess calls to probe and gh are available. 4. Sanitization: No validation or sanitization of the retrieved markdown content is performed before it is injected into the agent context.
Audit Metadata