C++ Code Formatter
Fail
Audited by Gen Agent Trust Hub on Feb 14, 2026
Risk Level: HIGH
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION] (HIGH): The skill instructs the agent to run ./format.sh, an opaque local script within the project directory. This represents a risk of arbitrary command execution as the script's contents are not defined or verified by the skill.
- [COMMAND_EXECUTION] (HIGH): The documentation encourages the use of sudo apt-get install, which is a privilege escalation risk. Granting root access to install software can be exploited if the package name or source is manipulated.
- [EXTERNAL_DOWNLOADS] (LOW): Recommends downloading tools via apt-get and brew. While these are generally trusted sources, the action of downloading and installing software during skill execution should be handled with caution.
- [INDIRECT_PROMPT_INJECTION] (HIGH): The skill processes external C++ source files and project configuration files with the capability to modify the filesystem and execute scripts.
  - Ingestion points: C++ source files located in src/, include/, and tests/ and configuration files like .clang-format.
  - Boundary markers: Absent; there are no instructions to the agent to disregard malicious instructions embedded in code comments or configuration values.
  - Capability inventory: Includes file system modification (clang-format -i), local script execution (./format.sh), and Git operations.
  - Sanitization: Absent; the skill does not validate the integrity or safety of the code files before processing them with executable tools.
Recommendations
- AI detected serious security threats
Audit Metadata