code-fixup
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFE | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill runs `yarn nx build` and `yarn nx lint`. These commands are standard for projects using the Nx build system and are used here for the intended purpose of identifying and verifying code fixes.
- [PROMPT_INJECTION]: The skill has an indirect prompt injection surface.
  1. Ingestion points: Build and lint command outputs, and IDE diagnostics from `mcp__ide__getDiagnostics` (SKILL.md).
  2. Boundary markers: No explicit delimiters or "ignore instructions" warnings are present.
  3. Capability inventory: Subprocess execution of build tools and orchestration of sub-agents (SKILL.md).
  4. Sanitization: No explicit sanitization of tool output is performed, though the skill requires the agent to ask the user for confirmation before committing to a direction if unsure.