plaid-build

Pass

Audited by Gen Agent Trust Hub on Mar 30, 2026

Risk Level: SAFE, PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it ingests and follows instructions found in docs/product-roadmap.md, docs/prd.md, and docs/product-vision.md. If an attacker can influence the content of these documentation files, they could inject malicious instructions that the agent would then follow during the build or review phases.
    • Ingestion points: The files docs/product-roadmap.md, docs/prd.md, and docs/product-vision.md are used to drive the build process.
    • Boundary markers: No specific delimiters or safety instructions are used to separate user data from agent instructions.
    • Capability inventory: The skill allows writing code files, executing shell commands (build and dev scripts), and performing git operations.
    • Sanitization: There is no evidence of sanitization or validation of the input documentation content.
  • [COMMAND_EXECUTION]: The skill instructs the agent to execute various shell commands, including initializing git repositories, committing changes, and running arbitrary build or development server commands based on the project's specific requirements.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 30, 2026, 09:32 PM