skill-portability
Pass
Audited by Gen Agent Trust Hub on May 13, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill executes a bundled local ESM script (
scripts/providers.mjs) to retrieve provider configurations and format requirements. - [EXTERNAL_DOWNLOADS]: The skill fetches authoritative documentation from well-known services and trusted organizations, including Anthropic, Cursor, OpenAI, and Vercel Labs, to perform compatibility checks.
- [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection as it ingests untrusted skill content and interpolates it into subagent prompts for analysis.
- Ingestion points: Skill content is read from user-provided paths or direct input via the
$ARGUMENTSvariable inSKILL.md. - Boundary markers: The subagent prompt template in
references/audit-prompt.mdutilizes horizontal rules (---) to delimit the interpolated YAML frontmatter and markdown body. - Capability inventory: The parent agent can read/write files and execute local scripts; subagents are granted
WebFetchcapabilities to access provider documentation. - Sanitization: There is no explicit sanitization or escaping of the interpolated skill content within the subagent prompt template.
Audit Metadata