fixing-code
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the Bash tool to run standard linting and testing utilities like make, go, ruff, pytest, and bun. Execution is restricted to these specific command patterns.
- [PROMPT_INJECTION]: The skill has an indirect prompt injection surface where it passes raw output from external tools into the prompts of subagents.
- Ingestion points: Phase 1 captures output from shell commands in files and tool outputs.
- Boundary markers: No explicit delimiters or ignore instructions are used to separate tool output from subagent prompts.
- Capability inventory: The skill can execute restricted bash commands, spawn tasks, and edit files.
- Sanitization: No sanitization or filtering of the captured command output is performed before interpolation into agent prompts.
Audit Metadata