maple-audit
Pass
Audited by Gen Agent Trust Hub on Jun 14, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [SAFE]: The skill and its checklist (checks.md) follow safe practices for instrumentation auditing and scan for PII as a security feature.
- [PROMPT_INJECTION]: The skill ingests untrusted code from the repository, creating a surface for indirect prompt injection.
- Ingestion points: Reads source code and manifests in SKILL.md Step 1 and Step 2.
- Boundary markers: Not specified for the ingested content.
- Capability inventory: Modifies repository files in Step 5 and executes build commands in Step 6.
- Sanitization: Not explicitly implemented for data read from the repository.
- [COMMAND_EXECUTION]: Step 6 involves running the repository's native build or development commands to verify fixes. This execution is limited to the verification of the audit's remediation steps.
Audit Metadata