accelint-ts-audit-all

Pass

Audited by Gen Agent Trust Hub on Mar 19, 2026

Risk Level: SAFE | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill manages the audit environment using shell commands such as git worktree add, git merge, and git commit to ensure changes are made in isolation before being integrated.
  • [COMMAND_EXECUTION]: The skill executes user-defined project scripts for testing and building (e.g., npm test, npm run build) as specified in the repository's configuration files.
  • [PROMPT_INJECTION]: The skill's instructions in SKILL.md employ highly directive language including 'BLOCKING' and 'NEVER' to enforce a specific 9-step audit process and prevent the agent from bypassing human-in-the-loop approvals.
  • [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface by ingesting and processing untrusted source code during its audit workflow.
      • Ingestion points: Reads TypeScript and JavaScript files from the repository being audited (detailed in SKILL.md).
      • Boundary markers: Absent; there are no explicit delimiters described to wrap the ingested code to prevent the agent from interpreting embedded comments as instructions.
      • Capability inventory: Detailed in SKILL.md, the agent can execute shell commands, write to the local filesystem (.agents/audit/), and invoke other agent skills.
      • Sanitization: Present; a strict requirement for manual user approval of all changes is enforced before any code modifications are committed.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 19, 2026, 07:52 PM