idea-to-production
Pass
Audited by Gen Agent Trust Hub on Apr 13, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill implements an autonomous workflow triggered by user requests, creating a surface for indirect prompt injection. ● Ingestion points: Chat input such as 'Build me X'. ● Boundary markers: None defined. ● Capability inventory: Local command execution via pnpm and file access to .claude configuration. ● Sanitization: No input validation described.
- [COMMAND_EXECUTION]: The skill utilizes standard project commands like pnpm turbo run for automated testing and linting within the local development environment.
Audit Metadata