solid-start-v2
Pass
Audited by Gen Agent Trust Hub on Apr 9, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill operates on an indirect prompt injection attack surface because it is designed to analyze and modify user-controlled application code and route structures.
- Ingestion points: The agent processes content from local repository files, including route components, server logic, and configuration files as referenced in SKILL.md and the app architecture references.
- Boundary markers: No specific delimiters or instructions to disregard potential commands within code comments or data structures are included in the skill's guidelines.
- Capability inventory: The skill allows the agent to create new files, modify existing application logic, and implement server-side actions and queries (documented in references/data-and-mutations.md).
- Sanitization: There is no requirement for the agent to sanitize or validate the content of the ingested files before using them to guide implementation steps or code generation.
Audit Metadata