devdocs-bugfix
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFE
Findings: PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill exposes a surface for indirect prompt injection (Category 8) because it ingests untrusted, user-supplied data and acts on it to perform development actions.
- Ingestion points: User-provided bug descriptions, error reports, and issue links collected in Step 1 (SKILL.md).
- Boundary markers: The instructions contain no explicit delimiters or safety instructions that would stop the agent from obeying commands embedded within user bug reports.
- Capability inventory: The skill uses powerful tools, including 'Bash' for shell execution and 'Edit'/'Write' for modifying the codebase.
- Sanitization: No validation or sanitization of user-provided content is performed before it is used.
- [COMMAND_EXECUTION]: The skill uses the 'Bash' tool to run local 'npm test' commands and to perform file searches, which is standard for its intended use case.
Audit Metadata