forge-grid
Pass
Audited by Gen Agent Trust Hub on Apr 16, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface as it ingests untrusted codebase data and possesses file-write capabilities.
  - Ingestion points: Scans padding, margin, and gap declarations in codebase files.
  - Boundary markers: Not present; the instructions lack delimiters or warnings to ignore instructions embedded in code comments.
  - Capability inventory: The agent is authorized to perform file replacement and report changes.
  - Sanitization: No explicit sanitization or validation logic is defined for the content being processed.