recipe-fullstack-implement
Pass
Audited by Gen Agent Trust Hub on May 9, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection attack surface through the processing of user-provided instructions ($ARGUMENTS) and prototype code paths. \n
- Ingestion points: User input is received via the $ARGUMENTS variable and prototype file paths. \n
- Boundary markers: Missing explicit boundary markers for user input, though the skill mandates a [SYSTEM CONSTRAINT] suffix for all sub-agent prompts to maintain execution context. \n
- Capability inventory: The skill coordinates sub-agents with file writing, test execution, and git operation capabilities. \n
- Sanitization: No specific input sanitization or validation routines are described for the provided arguments. \n- [SAFE]: No other security concerns were identified. The orchestration logic is transparent, uses delegation via a controlled Agent tool, and follows development best practices.
Audit Metadata