skills/cursor/plugins/blast-radius/Gen Agent Trust Hub

blast-radius

Pass

Audited by Gen Agent Trust Hub on Jun 17, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [SAFE]: The skill provides instructions for standard software engineering and auditing tasks, such as performing impact analysis (blast radius) on code diffs and PRs. It emphasizes evidence-based reasoning and local testing over assumptions.\n- [PROMPT_INJECTION]: The skill is exposed to a potential indirect prompt injection surface because it processes untrusted external data while having the capability to execute code.\n
  • Ingestion points: The agent is instructed to read pull request bodies, commits, and code diffs in SKILL.md (Step 1).\n
  • Boundary markers: No specific boundary markers or instructions to ignore embedded commands within the processed data are defined.\n
  • Capability inventory: The skill explicitly directs the agent to write and execute scripts or tests that import library code to verify safety assumptions in SKILL.md (Step 5).\n
  • Sanitization: No input sanitization or validation for the ingested data is mentioned, though it does include a best-practice instruction to strip private data before making information public.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 17, 2026, 06:08 PM
Security Audit — agent-trust-hub — blast-radius