api-patterns
Pass
Audited by Gen Agent Trust Hub on May 18, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill facilitates the ingestion of untrusted data from project files, creating a surface for indirect prompt injection.
- Ingestion points: The scripts/api_validator.py script reads and analyzes source code files and OpenAPI specifications (e.g., .ts, .py, .json, .yaml) from the user's project directory.
- Boundary markers: There are no explicit instructions or delimiters that help the agent distinguish between its own system instructions and the content of the files it is analyzing.
- Capability inventory: The skill allows the use of Read, Write, Edit, Glob, and Grep tools, which provides a significant capability set that could be misused if an injection successfully occurs.
- Sanitization: The validation script extracts data such as API paths and method names directly from files and includes them in its output without sanitization, providing a vector for malicious instructions to reach the agent's context.
Audit Metadata