software-development
Pass
Audited by Gen Agent Trust Hub on May 16, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes shell commands to manage repository state and run test suites. Evidence includes instructions in Phase 3 of SKILL.md to run canonical build/test commands and git operations, and references/development.md which mentions using grep for code verification and lsof for port checking.
- [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface by ingesting and acting upon instructions found in untrusted project files to determine its execution path.
- Ingestion points: Project documentation and configuration files including README, CONTRIBUTING, Makefile, and package manager scripts (SKILL.md, Phase 3).
- Boundary markers: Absent; the skill does not use specific delimiters or instructions to isolate data from project files from its own operational logic.
- Capability inventory: The skill possesses shell execution capabilities for git, code discovery (grep), and running arbitrary build commands discovered in the project.
- Sanitization: Absent; commands identified within project-level files are executed without validation or sanitization.
Audit Metadata