coverage
Pass
Audited by Gen Agent Trust Hub on May 6, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: No malicious patterns, obfuscation, or unauthorized data access were detected. The skill instructions focus on standard development tasks like reading code, identifying edge cases, and running tests.
- [PROMPT_INJECTION]: The skill processes existing source code and tests which creates a surface for indirect prompt injection if the files being analyzed contain malicious instructions.
- Ingestion points: Reading project source code and existing tests from the file system (SKILL.md).
- Boundary markers: The instructions do not define specific delimiters or instructions to ignore embedded content in the files being read.
- Capability inventory: The skill allows the agent to read files, create new test files, and execute test commands on the local system (SKILL.md).
- Sanitization: No validation or sanitization is performed on the content of the files ingested by the agent.
Audit Metadata