software-enginering
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill suite utilizes a 'Context-Driven Development' pattern where E2E tests are dynamically generated from Markdown tables in context files, creating a surface for indirect injection.
- Ingestion points: Data is sourced from documentation files in the .context/ directory as mentioned in e2e-tests/SKILL.md.
- Boundary markers: There is no specific instruction to treat the ingested data as untrusted or to use markers to isolate it from the generation logic.
- Capability inventory: The skill allows for script generation and command execution via cargo, uv, and bun.
- Sanitization: No explicit sanitization or validation is required for table inputs used to generate file paths or test functions.
Audit Metadata