ionic-appflow-migration
Pass
Audited by Gen Agent Trust Hub on Mar 19, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted repository content to determine migration steps, which creates a surface for indirect prompt injection attacks where malicious instructions in the codebase could influence agent actions.\n
- Ingestion points: Searches repository files for specific Appflow strings and configurations as described in Step 1 of
SKILL.md.\n - Boundary markers: Absent. No delimiters or instructions to ignore embedded commands are specified for the scanning process.\n
- Capability inventory: The skill is authorized to install/remove packages, modify CI/CD workflows, and delete CI secrets as described in
SKILL.md.\n - Sanitization: Absent. There is no mention of validating or escaping content found within the repository before the agent processes it.
Audit Metadata