build

Pass

Audited by Gen Agent Trust Hub on Jun 17, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill is designed to execute arbitrary shell commands found within the brain/build.md file as part of its primary build protocol.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it trusts instructions from external project data.
  • Ingestion points: The skill reads command strings from brain/build.md (documented in SKILL.md).
  • Boundary markers: Absent; there are no instructions to the agent to validate or sanitize the command before execution.
  • Capability inventory: The skill has the capability to execute shell commands (demonstrated in the bash code block in Step 2 of SKILL.md).
  • Sanitization: Absent; the agent is instructed to directly run the command found in the file.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 17, 2026, 07:41 AM
Security Audit — agent-trust-hub — build