graphicode-junior-engineer-ts-state-umi

Pass

Audited by Gen Agent Trust Hub on Mar 22, 2026

Risk Level: SAFE
COMMAND_EXECUTION
PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses cat and echo shell commands to manipulate files within the project structure. This provides the agent with broad filesystem access. The instructions rely on user-provided path components (stateDir, stateId) which, without explicit validation, could potentially be used for path traversal to access or overwrite sensitive files outside the intended directories.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes user-provided README files to guide code generation.
      • Ingestion points: The agent reads instructions from the filesystem via the cat command.
      • Boundary markers: The prompt lacks explicit delimiters or instructions to treat the content of documentation files as untrusted data.
      • Capability inventory: The agent has the ability to modify the project's source code using the echo command.
      • Sanitization: No validation or sanitization of the content within the processed files is performed.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 22, 2026, 12:55 PM