tsconfig-json-rules

Pass

Audited by Gen Agent Trust Hub on Apr 25, 2026

Risk Level: SAFE
Categories: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The SKILL.md file contains instructions for the agent to execute a cat command to read .claude/context/memory/learnings.md. This is a documented pattern for state management and context retrieval in specific agent environments.
  • [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection because it reads and analyzes external tsconfig.json files which could contain malicious instructions embedded in comments or string values.
    • Ingestion points: tsconfig.json files identified via the globs pattern in the skill configuration.
    • Boundary markers: There are no explicit markers or instructions provided to the agent to help it distinguish between data content and potential instructions within the processed files.
    • Capability inventory: The skill is configured with Read, Write, and Edit tools, granting it the ability to modify files in the repository.
    • Sanitization: No explicit sanitization or validation of the tsconfig.json content is performed before the model processes the file.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 25, 2026, 05:38 PM