Skills
skills/insforge/agent-skills/insforge-backend-advisor/Gen Agent Trust Hub

insforge-backend-advisor

Pass

Audited by Gen Agent Trust Hub on May 15, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface as it is designed to ingest and act upon the output of backend diagnostic scans which may contain attacker-influenced recommendations or descriptions.
  • Ingestion points: Processes JSON output from npx @insforge/cli diagnose advisor --json as described in SKILL.md.
  • Boundary markers: The instructions explicitly warn the agent: "confirm the affected object's actual state before recommending a change — do not blindly apply advisor's recommendation."
  • Capability inventory: The agent has the capability to execute shell commands and arbitrary SQL queries using the @insforge/cli tool.
  • Sanitization: There is no automated sanitization of the diagnostic output; the skill relies on instructional guardrails.
  • [COMMAND_EXECUTION]: Instructs the agent to execute various system and database management commands using the @insforge/cli, including running ad-hoc SQL queries and inspecting security policies.
  • [EXTERNAL_DOWNLOADS]: Uses npx to download and execute the @insforge/cli package from the npm registry. This is the official command-line interface provided by the vendor for project management.
Audit Metadata
Risk Level
SAFE
Analyzed
May 15, 2026, 10:55 PM