Skills
skills/helderberto/skills/fortify/Gen Agent Trust Hub

fortify

Pass

Audited by Gen Agent Trust Hub on Apr 10, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it reads and processes content from local source code and test files which may contain untrusted data. \n
  • Ingestion points: Target files and co-located test files identified during the scoping phase (SKILL.md). \n
  • Boundary markers: Absent; the content is ingested into the agent's context without delimiters or instructions to ignore embedded prompts. \n
  • Capability inventory: The skill has the ability to write to the file system to modify code and execute the project's test runner (SKILL.md). \n
  • Sanitization: No validation or sanitization of the ingested code content is performed. \n- [COMMAND_EXECUTION]: The skill utilizes dynamic context injection to execute node and git commands at load time for project environment discovery. It also instructs the agent to execute the project's configured test suite as part of the hardening workflow.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 10, 2026, 04:12 PM