code-quality
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [Command Execution] (SAFE): The skill utilizes standard Flutter and Dart CLI tools (flutter analyze, flutter test, dart format, flutter build). These are essential for the skill's primary purpose and do not represent malicious command execution.- [External Downloads] (LOW): The skill executes flutter pub upgrade, which fetches dependencies from the official Dart package repository (pub.dev). This is a standard development workflow.- [Indirect Prompt Injection] (LOW): The skill ingests tool output that could potentially be influenced by untrusted project files.
- Ingestion points: Standard output and error streams from Flutter/Dart CLI tools.
- Boundary markers: Absent in the suggested subagent prompt.
- Capability inventory: File writing and command execution via a general-purpose subagent.
- Sanitization: No specific sanitization logic is implemented for external tool output.
Audit Metadata