angular-best-practices-rule-creator
Pass
Audited by Gen Agent Trust Hub on Mar 2, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [SAFE]: No malicious patterns, obfuscation, or unauthorized access to sensitive files were identified. The skill's behavior is entirely consistent with its primary purpose as a repository-specific contributor tool.
- [COMMAND_EXECUTION]: The skill references local build commands (
npm run build) to generate project documentation. These commands are standard for development workflows and do not involve privilege escalation or the execution of untrusted remote code. - [PROMPT_INJECTION]: The skill acts as an ingestion surface for indirect prompt injection as it transforms user-provided rule descriptions into files.
- Ingestion points: User input for creating rule content and library definitions in
SKILL.md. - Boundary markers: Not present.
- Capability inventory: The skill writes new files to the
rules/andskills/directories and modifiespackages/angular-best-practices-build/src/config.ts. - Sanitization: The skill enforces strict template constraints, including maximum line counts (under 50 lines) and limited code blocks, which restricts the potential impact of malicious input.
Audit Metadata