prisma-next-feedback
Pass
Audited by Gen Agent Trust Hub on May 19, 2026
Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes local CLI commands including
node -v,pnpm ls, andgh issue createto gather environment metadata and submit issues to GitHub. These operations are within the stated scope of providing framework feedback. - [DATA_EXFILTRATION]: The skill transmits user-provided technical data to GitHub's issue tracker. To mitigate the risk of accidental exposure, the skill mandates a human-in-the-loop confirmation step and provides explicit instructions for redacting credentials and sensitive domain logic from the final report.
- [PROMPT_INJECTION]: The skill has an indirect prompt injection surface as it ingests untrusted data from user code files and terminal output to generate issue bodies.
- Ingestion points: User's contract files (
contract.prisma,contract.ts) and command execution output inSKILL.md. - Boundary markers: The generated issue body uses standard Markdown code blocks for data interpolation.
- Capability inventory: The skill uses
gh issue createfor remote submission and performs local file writes to/tmporwip/directories. - Sanitization: It includes mandatory redaction rules for
DATABASE_URLand other secrets, plus instructions to rename sensitive models to neutral placeholders.
Audit Metadata