Skills
skills/primatrix/skills/lint-fix/Gen Agent Trust Hub

lint-fix

Warn

Audited by Gen Agent Trust Hub on Mar 19, 2026

Risk Level: MEDIUMCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill constructs shell commands using the $ARGUMENTS variable and file lists derived from git. These inputs are not sanitized or validated, allowing for potential command injection if the input contains shell metacharacters like semicolons or pipe symbols. Evidence: The placeholders in shell command templates such as 'git diff --name-only ..' and 'isort '.
  • [PROMPT_INJECTION]: The skill has a surface for indirect prompt injection as it ingests and processes untrusted data from the local filesystem and external tools.
  • Ingestion points: Content of changed Python files and outputs from isort, ruff, black, and codespell.
  • Boundary markers: None. The instructions do not specify the use of delimiters or warnings to ignore embedded instructions within the files.
  • Capability inventory: Execution of git commands, linting tools, and the manual Edit tool for file modifications.
  • Sanitization: None. Data is processed and used to guide the agent's editing actions without filtering.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Mar 19, 2026, 11:23 AM