verification-before-completion
Pass
Audited by Gen Agent Trust Hub on Mar 28, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill defines a mandatory verification workflow involving the execution of standard development tools, including
pnpmfor Node.js tasks,uvfor Python tasks, andgitfor version control state. These commands are used to provide empirical evidence of code correctness. - [INDIRECT_PROMPT_INJECTION]: The skill instructions require the agent to read and interpret the full output of shell commands and file content searches (using
rg). This creates a surface for indirect prompt injection if external data or test outputs contain malicious instructions. - Ingestion points: Command output (stdout/stderr) from test runners and
rgsearch results for specific patterns inapps/directory. - Boundary markers: Absent. The agent is instructed to read the complete output without specific delimiters or isolation.
- Capability inventory: The agent has capabilities to execute shell commands, read files, and interact with the git repository.
- Sanitization: No explicit sanitization or filtering of command output is defined before the agent processes the information.
Audit Metadata