shields-badges
Pass
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it reads and processes content from untrusted sources, specifically the repository's README and configuration files (e.g., package.json, go.mod). A malicious repository could contain instructions within these files designed to influence the agent's behavior during analysis. \n
- Ingestion points: Reads README.md, package.json, go.mod, Pipfile, pyproject.toml, and GitHub workflow files. \n
- Boundary markers: No specific delimiters or instructions are used to isolate ingested data from the skill's operational logic. \n
- Capability inventory: The skill is capable of reading multiple files from the repository and writing modifications to the README.md file. \n
- Sanitization: There is no evidence of sanitization or validation of the content extracted from the files before it is used to determine which badges to generate. \n- [NO_CODE]: The skill consists entirely of markdown instructions and reference guides; it does not include any executable scripts, binaries, or automated shell commands, which limits the potential for direct system exploitation.
Audit Metadata