script-builder
Warn
Audited by Gen Agent Trust Hub on May 18, 2026
Risk Level: MEDIUMCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes various shell commands to perform syntax checking and validation of generated scripts. This includes running
bunx tsc,npx tsc,ruff, andshellcheck(Step 6). Additionally, the skill executes the newly created scripts during the 'Iterate on Failures' phase (Step 9) to verify their functionality. - [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection. It constructs scripts and documentation based on 'gathered intent' (Step 3) and a retrospective scan of recent tool-use history (Step 1). If an attacker can influence the session history or provide malicious intent, they could induce the agent to generate harmful code or inject persistent malicious instructions into the project's
CLAUDE.mdorAGENTS.mdfiles through the automatic documentation feature (Step 7). - [DYNAMIC_EXECUTION]: The core logic of the skill involves assembling executable scripts from local templates (
typescript.ts.tmpl,python.py.tmpl,bash.sh.tmpl) and then executing them. While templates provide a safety structure, the{{TEST_BODY}}is dynamically generated from user input. The 'Autopilot' mode further reduces human oversight by auto-escalating to script execution unless specific side-effects are detected.
Audit Metadata