Skills
skills/biomejs/biome/lint-rule-development/Gen Agent Trust Hub

lint-rule-development

Pass

Audited by Gen Agent Trust Hub on May 13, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [SAFE]: The skill instructions utilize standard development tools such as just, cargo, and pnpm for project-specific tasks like rule generation and snapshot testing. These commands are typical for the Biome repository's development environment.
  • [PROMPT_INJECTION]: The skill identifies a surface for indirect prompt injection as it instructs the agent to read and process external JavaScript and JSON files used for testing lint rules.
  • Ingestion points: Test specification files located in tests/specs/nursery/ (e.g., invalid.js, valid.js, options.json).
  • Boundary markers: There are no explicit instructions or markers provided to the agent to ignore or isolate potential prompt injection attempts embedded within the test code snippets.
  • Capability inventory: The agent is authorized to execute shell commands via just, cargo, and pnpm to run tests and generate code.
  • Sanitization: No sanitization or validation of the contents of the test files is mentioned before they are processed by the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
May 13, 2026, 03:19 PM
Security Audit — agent-trust-hub — lint-rule-development