spike
Pass
Audited by Gen Agent Trust Hub on May 18, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill is designed to create and run executable prototypes. This involves generating minimal code artifacts and running CLI commands to test functionality, which is the core intended purpose of the skill.
- [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection during the research phase.
- Ingestion points: External documentation and source code are read during the 'Research' step (SKILL.md).
- Boundary markers: No explicit boundary markers or 'ignore' instructions are present to delimit external content.
- Capability inventory: The 'Build' step in SKILL.md involves file creation and command execution.
- Sanitization: External data is processed without explicit sanitization steps before influencing prototype construction.
Audit Metadata