java-best-practices-security-audit
Pass
Audited by Gen Agent Trust Hub on Feb 24, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to its core function of analyzing external, untrusted source code.
- Ingestion points: The skill reads source files (.java), configuration files (.yml, .properties), and build manifests (pom.xml, build.gradle) using Read, Grep, and Glob tools.
- Boundary markers: There are no explicit delimiters or system instructions defined to prevent the agent from mistakenly following instructions embedded within the audited code comments or metadata.
- Capability inventory: The agent has access to the Bash tool for running commands and multiple file system tools, which could be exploited if an injection is successful.
- Sanitization: No sanitization or validation of the code content is performed before the agent processes it.
- [COMMAND_EXECUTION]: The skill utilizes the Bash tool to execute standard security auditing and build utilities such as Maven (mvn), Gradle, and Snyk. These operations are essential to the skill's primary purpose but involve running commands based on the contents of the local project directory.
Audit Metadata