skills/0xkynz/codekit/cook-fullstack/Gen Agent Trust Hub

cook-fullstack

Pass

Audited by Gen Agent Trust Hub on Mar 9, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill defines a legitimate software development lifecycle (Plan, Design, Code, Review, Test) and incorporates positive security requirements, such as checking for SQL injection and exposed secrets during the review phase.
  • [PROMPT_INJECTION]: No patterns of instruction override or safety filter bypass were detected. The skill exhibits an indirect prompt injection surface via its 'memory-bank' integration:
      1. Ingestion points: reads markdown files in the 'memory-bank/' directory (e.g., projectbrief.md, techContext.md).
      2. Boundary markers: Absent; files are read directly into context.
      3. Capability inventory: capability to write/update local context files and execute standard development tools during the 'Test' phase.
      4. Sanitization: Absent.
    This surface is considered a standard feature of development-focused skills.
  • [DATA_EXFILTRATION]: No network requests to non-whitelisted domains or unauthorized access to sensitive files like SSH keys or environmental secrets were found.
  • [COMMAND_EXECUTION]: The skill references running linters and tests but does not include any specific, hardcoded, or suspicious shell commands.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 9, 2026, 10:05 PM