canon
Pass
Audited by Gen Agent Trust Hub on May 29, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill documentation and reference files (accessibility-standards.md, api-standards.md, security-standards.md) recommend the use of several external auditing and linting tools. These include @axe-core/cli, pa11y, lighthouse, @stoplight/spectral-cli, ajv-cli, pip-audit, and safety. These tools are industry standards from trusted organizations and well-known technology providers.\n- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface due to its core workflow of processing external codebase data to produce remediation prompts.\n
- Ingestion points: The agent reads codebase files, configuration files, and existing compliance evidence during the ASSESS phase to identify violations.\n
- Boundary markers: The instructions do not specify the use of clear boundary markers or instructions to the agent to ignore any embedded directives within the files being audited.\n
- Capability inventory: The agent has the capability to read any file in the workspace and generate self-contained ## LLM Fix Prompt blocks designed for execution by downstream agents like Builder.\n
- Sanitization: There is no documented requirement to sanitize, escape, or validate the content of the audited codebase before including it in the generated fix prompts or reports.
Audit Metadata