rails-model-patterns
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW, PROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (LOW): The skill ingests untrusted content from local project files (models, migrations, schema) which could contain embedded instructions.
  - Ingestion points: Project files read via the Read and Grep tools.
  - Boundary markers: None used to isolate external content from the prompt.
  - Capability inventory: Read, Grep, and Glob (restricted to read-only file access).
  - Sanitization: No validation or sanitization of ingested content is performed.
Audit Metadata