dart-package-maintenance

Pass

Audited by Gen Agent Trust Hub on May 8, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill exposes an indirect prompt injection surface by design, because it requires the agent to read and interpret data from external files.
      • Ingestion points: The agent is instructed to read CHANGELOG.md, pubspec.yaml, and git tags to determine versioning logic.
      • Boundary markers: There are no specified boundary markers or instructions to treat data within these files as untrusted content.
      • Capability inventory: The skill uses git for tagging and pushing, dart pub publish for publishing packages, and gh for pull request management.
      • Sanitization: No sanitization or validation of the external file content is implemented before the agent processes the data and executes subsequent commands.
Audit Metadata
Risk Level: SAFE
Analyzed: May 8, 2026, 01:31 PM