cs-feat-ff

Pass

Audited by Gen Agent Trust Hub on May 6, 2026

Risk Level: SAFE | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to execute a local Python script codestable/tools/search-yaml.py to search through repository documentation. This is a standard utility function within the vendor's provided structure.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8). It reads content from untrusted or developer-controlled files within the codestable/ directory to influence its implementation decisions.
    • Ingestion points: Files located in codestable/architecture/, codestable/compound/, and codestable/reference/ (SKILL.md).
    • Boundary markers: None identified; external content is integrated directly into the agent's decision-making process.
    • Capability inventory: Local script execution (python search-yaml.py), file creation/writing ({slug}-ff-note.md), and potential repository commits (via scoped-commit instructions).
    • Sanitization: No sanitization or validation of the content read from the knowledge base is specified.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: May 6, 2026, 01:59 PM