java-file-upload-audit
Pass
Audited by Gen Agent Trust Hub on Apr 11, 2026
Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to execute the rg (ripgrep) utility on the local file system to search for Java patterns associated with file uploads (e.g., MultipartFile, ServletFileUpload).
- [PROMPT_INJECTION]: The skill presents a surface for indirect prompt injection due to its core function of auditing untrusted external data with an agent that has execution capabilities.
  - Ingestion points: Project source files (.java, .yml) and binary artifacts (.class, .jar) as identified throughout SKILL.md.
  - Boundary markers: Absent; the skill does not provide instructions to the agent to distinguish between task-related instructions and potentially malicious content within the audited project files.
  - Capability inventory: The skill utilizes shell command execution (rg), interaction with other agent skills (java-route-mapper), and execution of MCP decompilation tools as defined in SKILL.md.
  - Sanitization: There is no evidence of content sanitization or validation logic to mitigate malicious instructions embedded in the audited source code.
Audit Metadata