biomejs
Pass
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: SAFE (findings: PROMPT_INJECTION, COMMAND_EXECUTION)
Full Analysis
- [Prompt Injection] (LOW): The skill identifies a surface for indirect prompt injection (Category 8).
- Ingestion points: The agent reads project source files and biome.json configuration files across several files, including SKILL.md and references/.
- Boundary markers: There are no specific markers or instructions to the agent to ignore or delimit potentially malicious instructions embedded in the source code it analyzes.
- Capability inventory: The skill facilitates shell command execution (biome, npm, jq) and file system modifications via linting auto-fixes.
- Sanitization: No sanitization of project file content is performed before processing.
- [Command Execution] (SAFE): The skill utilizes standard development commands for BiomeJS and shell utilities like jq for log analysis. These commands are appropriate for the intended purpose and operate on local data.