411-frameworks-quarkus-jdbc
Pass
Audited by Gen Agent Trust Hub on Jul 11, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill requires the execution of local build tools (./mvnw compile and ./mvnw clean verify) to validate the project state. These are standard developer operations intended to ensure functional integrity during refactoring.
- [PROMPT_INJECTION]: The skill processes untrusted external code for review, creating an indirect prompt injection surface.
- Ingestion points: Project source files and user-provided code context.
- Boundary markers: None identified in the instructional text for analyzed code blocks.
- Capability inventory: File read/write access and shell execution (via Maven).
- Sanitization: The skill advocates for sanitization in the generated code (parameterized queries) but does not explicitly sanitize the inputs it processes for analysis.
Audit Metadata