scan-effect-solutions
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill invokes the
effect-solutionscommand-line utility with various subcommands (list, show) to perform the audit tasks. This relies on the tool being present and secure within the agent's environment. - [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it reads and processes untrusted data from the repository being audited.
- Ingestion points: Repository files including
tsconfig.json,.tssource files, and documentation inreferences/. - Boundary markers: Absent. The skill does not employ delimiters to separate untrusted code content from its internal processing instructions.
- Capability inventory: The skill can execute the
effect-solutionstool and read arbitrary files from the filesystem. - Sanitization: Absent. There is no evidence that the content of the files being audited is sanitized or escaped before being used in the agent's context.
Audit Metadata