migrate-to-shoehorn
Pass
Audited by Gen Agent Trust Hub on Jun 17, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it reads and processes untrusted TypeScript source files.\n
- Ingestion points: The agent uses
GrepandReadtools to scan*.test.ts,*.spec.ts, and*.test.tsxfiles.\n - Boundary markers: There are no explicit instructions to the agent to isolate or ignore instructions that might be embedded within the processed code files.\n
- Capability inventory: The skill utilizes
WriteandEditfor file modification andBashfor command execution, creating a path for automated exploitation if malicious code is processed.\n - Sanitization: No sanitization or verification of the file content is performed before the agent acts upon the data.\n- [EXTERNAL_DOWNLOADS]: The skill initiates the installation of the
@total-typescript/shoehornpackage vianpm. This is an established library from a well-known source intended for the specific purpose of the skill.\n- [COMMAND_EXECUTION]: The skill uses theBashtool to executenpx tsc --noEmitto verify type-checking results, which is a standard procedure in TypeScript development environments.
Audit Metadata