build
Pass
Audited by Gen Agent Trust Hub on Jun 17, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill is designed to execute arbitrary shell commands found within the
brain/build.mdfile as part of its primary build protocol. - [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it trusts instructions from external project data.
- Ingestion points: The skill reads command strings from
brain/build.md(documented in SKILL.md). - Boundary markers: Absent; there are no instructions to the agent to validate or sanitize the command before execution.
- Capability inventory: The skill has the capability to execute shell commands (demonstrated in the bash code block in Step 2 of SKILL.md).
- Sanitization: Absent; the agent is instructed to directly run the command found in the file.
Audit Metadata