rails-concern
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGH (PROMPT_INJECTION, COMMAND_EXECUTION)
Full Analysis
- [Indirect Prompt Injection] (HIGH): The skill ingests untrusted user input to generate executable Ruby code and has access to high-privilege tools.
  - Ingestion points: User requests for Rails concerns as described in the metadata.
  - Boundary markers: Absent; no delimiters are defined to separate user input from system instructions.
  - Capability inventory: The skill allows the use of Write, Edit, and Bash tools.
  - Sanitization: Absent; there are no instructions to validate or sanitize user input before it is used in file creation or command execution.
- [Command Execution] (MEDIUM): The skill uses the Bash tool to run Rails tests (e.g., bin/rails test). If the concern names or logic provided by a user contain shell metacharacters, this could lead to arbitrary command execution.
Recommendations
- AI detected serious security threats
Audit Metadata