game-rolling-supervisor

Pass

Audited by Gen Agent Trust Hub on Apr 8, 2026

Risk Level: SAFE | PROMPT_INJECTION | COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it is designed to autonomously process, build, and repair game project files over multiple sessions.
      • Ingestion points: The agent reads game project source code and internal state files such as docs/game-studio/rolling/state.json.
      • Boundary markers: There are no instructions defining delimiters or specific markers to distinguish between the agent's instructions and the content of the project files being processed.
      • Capability inventory: The skill explicitly requests high-privilege capabilities, including file read/write access and shell/build access, to perform repair and verification tasks.
      • Sanitization: No sanitization or validation logic is defined to prevent the execution of malicious instructions that might be embedded in the project files or external state data.
  • [COMMAND_EXECUTION]: The skill architecture relies on an external Python supervisor to execute tasks defined by the plugin. While the specific supervisor script is not provided in this file, the skill documentation explicitly requires shell and build access to perform its functions, which increases the potential impact if the autonomous loop is influenced by malicious input.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 8, 2026, 12:35 PM
Security Audit — agent-trust-hub — game-rolling-supervisor