version-updates
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes the Bash tool to execute standard search utilities (find, grep) and development workflows (cargo test, npm test) for project verification. It also invokes a local vendor-provided Python script
plugins/sanctum/scripts/update_versions.pyto automate version increments. - [INDIRECT_PROMPT_INJECTION]: The skill demonstrates an attack surface for indirect prompt injection as it processes untrusted project configuration files (e.g., package.json, Cargo.toml) and may execute shell commands influenced by those files. 1. Ingestion points: local configuration files and changelogs. 2. Boundary markers: none present in the instructions. 3. Capability inventory: Bash tool for command execution and Write/Edit tools for file modification. 4. Sanitization: none detected.
Audit Metadata