adversarial-verify
Pass
Audited by Gen Agent Trust Hub on Jul 6, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructions in SKILL.md and verify-patterns.md direct agents to run reproduction commands and shell scripts using the Bash tool. This is a primary feature for verifying bug reports and logic changes but constitutes execution of data-derived commands.
- [SAFE]: The skill implements a 'fail-closed' security logic and adversarial framing which inherently hardens the agent's workflow against common errors. No evidence of data exfiltration, hardcoded secrets, or persistence mechanisms was found in the analyzed files.
- [PROMPT_INJECTION]: The skill processes untrusted input in the form of claims and ground truth code (Ingestion: $claim argument and tool outputs in SKILL.md). Boundary markers: The verifier prompt in verify-patterns.md uses 'CLAIM:', 'FAILURE SCENARIO:', and 'GROUND TRUTH:' delimiters. Capability inventory: Use of Bash for reproduction, Agent spawning for verification, and Workflow orchestration (SKILL.md, verify-patterns.md). Sanitization: No explicit escaping or filtering of the interpolated claim or ground truth text is performed, creating a surface for indirect prompt injection.
Audit Metadata