supercharge
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFE, PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface because it reads and processes external, untrusted codebases during its 'SCAN' and 'CHARACTERIZE' phases. Malicious instructions embedded in the target codebase (e.g., in comments or string literals) could attempt to influence the agent's actions.
- Ingestion points: The 'Phase 2: SCAN' step uses parallel sub-agents to read and analyze all source files within the user's project directory.
- Boundary markers: The skill attempts to mitigate injection by using specific prompts for sub-agents and a 'Verify Scan Results' step that treats agent reports as claims rather than evidence.
- Capability inventory: The skill can modify the file system (Phase 5: EXECUTE) and execute shell commands (Phase 6: VERIFY), including running package-specific test runners and linters.
- Sanitization: The skill relies on 'Red Flag Language' checks and rigorous 'Red-Green-Refactor' testing cycles to detect and prevent behavioral anomalies.
- [COMMAND_EXECUTION]: The skill dynamically identifies and executes standard development tools based on the detected project stack. This includes running commands like npm test, pytest, go test, ruff, and tsc to verify that refactoring does not break existing functionality.
Audit Metadata