skills/iii-hq/workers/coder/Gen Agent Trust Hub

coder

Pass

Audited by Gen Agent Trust Hub on Jun 13, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill processes arbitrary file content from a repository which could contain malicious instructions designed to influence the agent's behavior.
  • Ingestion points: File content is ingested into the agent's context via coder::read-file and coder::search (SKILL.md).
  • Boundary markers: The documentation does not describe the use of markers or delimiters to isolate untrusted file content from system instructions (SKILL.md).
  • Capability inventory: The agent has extensive modification capabilities including coder::create-file, coder::update-file, coder::delete-file, and coder::move (SKILL.md).
  • Sanitization: No sanitization or validation mechanisms are mentioned to prevent the agent from acting on commands found within ingested files (SKILL.md).
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 13, 2026, 12:22 AM
Security Audit — agent-trust-hub — coder