production-hardening

Pass

Audited by Gen Agent Trust Hub on May 20, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill performs audits on external codebases, creating a surface for indirect prompt injection. Malicious instructions or adversarial comments embedded within the audited source code could potentially attempt to hijack the agent's behavior during the implementation of hardening fixes.
  • Ingestion points: Reads codebase files including package.json, source code (.ts, .py, .go, .rs), IaC templates (sst.config.ts, serverless.yml, cdk.json), and environment variables using Read, Glob, and Grep tools.
  • Boundary markers: None identified; the skill does not provide specific delimiters or instructions to treat audited code as untrusted data that should not be followed as instructions.
  • Capability inventory: The skill has broad capabilities including Write, Edit, and Bash access (specifically npm, pnpm, and node), which could be misdirected if an injection is successful.
  • Sanitization: There is no evidence of sanitization or filtering of the ingested code content before it is processed by the agent.
  • [SAFE]: The skill follows security best practices by recommending well-known, high-adoption libraries (e.g., cockatiel, tenacity) and official vendor tools (e.g., @aws-lambda-powertools). It correctly identifies and rejects stale or unproven libraries and provides secure guidance on credential management, such as using OIDC for AWS authentication instead of static keys.
Audit Metadata
Risk Level
SAFE
Analyzed
May 20, 2026, 08:37 AM
Security Audit — agent-trust-hub — production-hardening