electrobun-kitchen-sink
Pass
Audited by Gen Agent Trust Hub on Apr 6, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to run various shell commands such as 'bun install', 'electrobun dev', and 'npx tsx scripts/generate-manifest.ts'. These commands facilitate local code execution and project management within the agent's environment.
- [PROMPT_INJECTION]: The skill describes a process where the agent reads a JSON manifest file ('feature-manifest.json') containing test descriptions. This constitutes an indirect prompt injection surface if the manifest content is untrusted.
- Ingestion points: The agent reads 'kitchen/src/generated/feature-manifest.json' using commands like 'cat' or 'jq'.
- Boundary markers: Absent. No specific instructions are provided to the agent to treat the manifest's natural language fields as untrusted or to isolate them from its own logic.
- Capability inventory: The agent has the ability to execute shell commands ('bun', 'npx', 'electrobun') and interact with the file system.
- Sanitization: Absent. The manifest data is consumed directly without validation or filtering of potentially malicious instructions in text fields.
Audit Metadata