models
Pass
Audited by Gen Agent Trust Hub on Apr 14, 2026
Risk Level: SAFE
COMMAND_EXECUTION PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the `Bash` tool to run standard Django management commands and testing tools (`makemigrations`, `migrate`, `ruff`, `pytest`). These are expected behaviors for a development-focused skill and align with the stated purpose.
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface because it reads and processes existing project files which then influence its code generation and command execution.
  - Ingestion points: The agent is instructed to read `src/project/ids.py`, `src/<app>/admin.py`, and existing models or repositories as specified in the SKILL.md.
  - Boundary markers: Absent; there are no instructions provided to the agent to treat external project content as untrusted.
  - Capability inventory: The agent is granted `Write`, `Edit`, and `Bash` tools, which are used to apply changes and run code (e.g., migrations and tests).
  - Sanitization: Absent; the skill does not include logic or instructions to validate or sanitize the ingested project code.
Audit Metadata