wiring-test
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill facilitates the execution of shell commands via the
Bashtool to verify the functional state ('truths') of an integrated feature, such as running local API tests, build scripts, or CLI commands. - [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it reads and processes external source files to verify integration patterns and executes shell commands based on identified data. An attacker could potentially embed malicious instructions in the code, comments, or configuration files being reviewed by the agent.
- Ingestion points: The skill uses
Read,Grep, andGlobtools to analyze source code and loom plan stages (e.g.,src/main.rs). - Boundary markers: There are no explicit delimiters or instructions provided to the agent to differentiate between its core instructions and potentially untrusted content within the files being processed.
- Capability inventory: The skill allows the use of powerful tools including
Bash,Write,Edit, andGrep, which could be abused if the agent is misled by malicious data. - Sanitization: The instructions do not define any sanitization, validation, or escaping mechanisms for the commands or content extracted from external files.
Audit Metadata