eslint-prettier-migration
Pass
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- COMMAND_EXECUTION (SAFE): The skill utilizes the
biomeCLI for migration, checking, and linting. These subprocesses are fundamental to the skill's purpose and do not exhibit dangerous behavior. - PROMPT_INJECTION (SAFE): (Indirect) The skill ingests untrusted project configuration files. This represents an indirect prompt injection surface, but since it is essential for migration and handled by the
biometool, it is categorized as safe. Evidence Chain: 1. Ingestion points: Configuration files like .eslintrc inreferences/eslint-prettier-migration.md. 2. Boundary markers: Absent in agent instructions. 3. Capability inventory: Limited tobiomeCLI commands inSKILL.md. 4. Sanitization: Relies on the migration tool's parsing logic.
Audit Metadata