implement
Pass
Audited by Gen Agent Trust Hub on Jun 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted external data such as requests, plans, and design findings to drive its implementation and verification tasks. This creates a surface for indirect prompt injection where malicious instructions embedded in the input could influence the agent's actions while modifying code or executing commands.
- Ingestion points: SKILL.md (task input defined as a request, plan, design, or open findings).
- Boundary markers: No delimiters or explicit warnings to ignore instructions within the input data are present.
- Capability inventory: SKILL.md (capabilities include applying changes to source code and executing verification tools such as typecheck, lint, and tests).
- Sanitization: No sanitization or validation logic for the input content is described in the workflow.
Audit Metadata