clean-code
Warn
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: MEDIUM (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
- [COMMAND_EXECUTION] (MEDIUM): The skill mandates the execution of multiple Python scripts (e.g., ux_audit.py, api_validator.py, security_scan.py) located in a hidden .agent/skills/ directory. These scripts are external to the skill's provided content, and their execution represents a risk of running unverifiable local code.
- [PROMPT_INJECTION] (LOW): The skill contains instructions that create an 'Indirect Prompt Injection' surface. Specifically, it directs the agent to 'capture ALL output' from external scripts and 'Parse the output'. If the files being scanned contain malicious strings designed to be interpreted as instructions, the agent may be misled during the summarization or fixing phase (Tool Output Poisoning).
- [Metadata Poisoning] (SAFE): The skill uses a 'priority: CRITICAL' metadata header. While intended to influence agent attention, it does not contain malicious injection patterns or deceptive capabilities.
Audit Metadata