prisma-next-feedback

Pass

Audited by Gen Agent Trust Hub on May 19, 2026

Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes local CLI commands including node -v, pnpm ls, and gh issue create to gather environment metadata and submit issues to GitHub. These operations are within the stated scope of providing framework feedback.
  • [DATA_EXFILTRATION]: The skill transmits user-provided technical data to GitHub's issue tracker. To mitigate the risk of accidental exposure, the skill mandates a human-in-the-loop confirmation step and provides explicit instructions for redacting credentials and sensitive domain logic from the final report.
  • [PROMPT_INJECTION]: The skill has an indirect prompt injection surface as it ingests untrusted data from user code files and terminal output to generate issue bodies.
  • Ingestion points: User's contract files (contract.prisma, contract.ts) and command execution output in SKILL.md.
  • Boundary markers: The generated issue body uses standard Markdown code blocks for data interpolation.
  • Capability inventory: The skill uses gh issue create for remote submission and performs local file writes to /tmp or wip/ directories.
  • Sanitization: It includes mandatory redaction rules for DATABASE_URL and other secrets, plus instructions to rename sensitive models to neutral placeholders.
Audit Metadata
Risk Level
SAFE
Analyzed
May 19, 2026, 06:16 AM
Security Audit — agent-trust-hub — prisma-next-feedback