rewrite
Pass
Audited by Gen Agent Trust Hub on Apr 8, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: No malicious behavior, obfuscation, or data exfiltration patterns were identified in the instructions or metadata. The skill is an instructional template for legitimate software development tasks.\n- [PROMPT_INJECTION]: The skill processes user-provided content such as codebase scope and test commands, which constitutes an indirect prompt injection surface. This is a common characteristic of AI developer tools that interact with code and execute shell commands for testing purposes.\n
- Ingestion points: Data enters the agent's context through the
scope(files/directories) andtests_ci(command strings) inputs.\n - Boundary markers: None explicitly mentioned in the skill instructions.\n
- Capability inventory: The skill is designed to modify repository files and execute shell commands for integration and smoke testing.\n
- Sanitization: Not present; the skill follows a standard development workflow without explicit input filtering.
Audit Metadata