coverage
Pass
Audited by Gen Agent Trust Hub on Mar 28, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface by ingesting and processing untrusted data from local project files. \n
- Ingestion points:
SKILL.md(utilizes Read, Grep, and Glob tools to ingest file or module content). \n - Boundary markers: Absent; the instructions do not specify delimiters or provide warnings for the agent to ignore instructions embedded within the analyzed content. \n
- Capability inventory:
SKILL.md(executes shell commands viaBash(npm test:*)and suggests further tool-mediated actions like/tdd,/checkin, or/refactor). \n - Sanitization: Absent; no evidence of content validation or escaping before interpolation into the AI context.
Audit Metadata