zod-extract
Pass
Audited by Gen Agent Trust Hub on Feb 24, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface (Category 8) because it processes untrusted data and has the capability to write to the filesystem.
  - Ingestion points: The skill searches through and reads the contents of TypeScript/JavaScript source files in the repository to identify Zod schema patterns.
  - Boundary markers: Absent; the instructions provide no delimiters and do not tell the agent to ignore instructions that might be embedded in comments or strings within the scanned code.
  - Capability inventory: The agent is instructed to create new files in the validations directory, update existing source files to change imports, and modify the validations index file.
  - Sanitization: Absent; there are no instructions to validate or sanitize the extracted code segments before re-inserting them into the project structure.