skills/buiducnhat/agent-skills/fix/Gen Agent Trust Hub

fix

Pass

Audited by Gen Agent Trust Hub on May 19, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The instructions establish best practices for software engineering and bug triage. No malicious patterns were identified during the analysis.
  • [COMMAND_EXECUTION]: The skill directs the agent to execute standard development commands such as lint, typecheck, tests, and build for verification purposes (SKILL.md, Step 5). This is appropriate for the skill's primary function.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests user-provided bug reports and executes tests. However, the workflow's emphasis on minimal, targeted changes and verification mitigates the risk.
  • Ingestion points: User-provided bug reports, reproduction steps, and evidence (SKILL.md, Step 1).
  • Boundary markers: Absent; the instructions do not include specific delimiters or 'ignore embedded instructions' warnings for user-provided data.
  • Capability inventory: Execution of project verification tools (lint, typecheck, tests, build) in Step 5.
  • Sanitization: Absent; the skill relies on the agent's core safety logic.
Audit Metadata
Risk Level
SAFE
Analyzed
May 19, 2026, 05:23 AM
Security Audit — agent-trust-hub — fix