rules
Pass
Audited by Gen Agent Trust Hub on Jun 27, 2026
Risk Level: SAFENO_CODEPROMPT_INJECTION
Full Analysis
- [NO_CODE]: The skill consists entirely of a markdown documentation file and does not contain any executable scripts, binaries, or logic.- [SAFE]: No malicious patterns such as credential harvesting, unauthorized network access, or persistence mechanisms were found in the documentation.- [PROMPT_INJECTION]: The skill describes an architecture that ingests external instruction files, representing a surface for indirect prompt injection if those files are controlled by an attacker.
- Ingestion points: Documentation indicates the plugin reads from
.sisyphus/rules,.claude/rules,.cursor/rules, and.github/instructions. - Boundary markers: None are specified in the provided documentation to isolate rule content from system prompts.
- Capability inventory: The skill provides informational context only and does not define any active tools or shell capabilities.
- Sanitization: No filtering or validation mechanisms for external rule content are described in the documentation.
Audit Metadata