code-audit
Pass
Audited by Gen Agent Trust Hub on Apr 21, 2026
Risk Level: SAFE | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: Indirect Prompt Injection surface.
  - Ingestion points: The skill reads and processes arbitrary source files from the user's codebase during Phase 3.
  - Boundary markers: The auditing agents are provided with file content without explicit delimiters or instructions to ignore commands that might be embedded in code comments or string literals.
  - Capability inventory: The skill possesses the capability to modify the codebase (Phase 6), execute shell commands for testing and linting (Phase 6), and launch parallel sub-agents.
  - Sanitization: No sanitization or filtering of the file content is performed before it is passed into the agent context.
- [COMMAND_EXECUTION]: Shell command execution for project analysis and verification.
  - The skill runs several reconnaissance commands including 'find', 'grep', 'head', and 'git' to understand project structure and history.
  - It executes lifecycle scripts such as 'npm test', 'npm run typecheck', and 'npm run lint' during the fix verification phase.
Audit Metadata