fp-check
Pass
Audited by Gen Agent Trust Hub on Apr 13, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection because it ingests and processes untrusted codebase files. Ingestion points include the use of Read, Grep, and Glob tools in data-flow-analyzer.md. There is an absence of boundary markers or instructions to ignore embedded commands within the analyzed data. The skill possesses powerful capabilities such as Bash, Write, Edit, and TaskCreate. No sanitization of the input code is performed.
- [COMMAND_EXECUTION]: The skill performs dynamic execution of scripts generated at runtime. Evidence in poc-builder.md shows the agent writes and executes code to demonstrate vulnerability exploitability. This behavior is the intended primary purpose of the skill for security verification.
Audit Metadata