skills/nirabo/loop/coder/Gen Agent Trust Hub

coder

Pass

Audited by Gen Agent Trust Hub on Apr 27, 2026

Risk Level: SAFE · COMMAND_EXECUTION · PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses shell commands to identify task files and execute project-specific quality gates.
      • The agent executes ls -t docs/tasks/*_prd.md to find input documents.
      • It runs build and test tools including make check, npm test, npm run lint, uv run pytest, and uv run ruff check based on project configuration files.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection through the PRD (Product Requirement Document) files it processes.
      • Ingestion points: The agent reads and follows instructions from files matching docs/tasks/*_prd.md.
      • Boundary markers: There are no explicit delimiters or instructions provided to the model to ignore potential malicious commands embedded within the PRD files.
      • Capability inventory: The skill has the authority to write files (code implementation), execute shell commands (quality gates), and perform Git operations (git commit).
      • Sanitization: No validation or sanitization of the PRD content is performed before the agent begins autonomous implementation.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 27, 2026, 01:42 PM