harness-coder
Pass
Audited by Gen Agent Trust Hub on Mar 15, 2026
Risk Level: SAFE | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses shell commands to interact with the local development environment, including project orientation (ls, pwd), checking configuration (cat), running tests (npm test, pytest), and version control (git log, git commit). These operations are essential for its primary function as a coding assistant.
- [PROMPT_INJECTION]: The skill exhibits a vulnerability surface for indirect prompt injection as it ingests and processes task descriptions from an external system.
  - Ingestion points: The skill retrieves task details and session notes using the find_tasks and find_documents functions in SKILL.md.
  - Boundary markers: Absent; the instructions do not implement specific delimiters or 'ignore' directives for content fetched from the Archon system.
  - Capability inventory: The agent has the ability to execute shell commands (bash) and modify project state through task management operations (python).
  - Sanitization: Absent; there is no evidence of validation or sanitization of the external task data before it is interpreted by the LLM.
Audit Metadata