justfile-authoring
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- Prompt Injection (SAFE): The skill processes existing local justfiles for context, creating a theoretical surface for indirect prompt injection. However, this is inherent to its primary purpose and no malicious intent is present. 1. Ingestion points: Reads justfile and .justfile from the working directory. 2. Boundary markers: Absent, but typical for context-aware editing. 3. Capability inventory: Restricted to file authoring. 4. Sanitization: None required for configuration editing.
- No Code (SAFE): The skill contains no executable scripts or binaries, limiting the attack surface to the provided markdown instructions.
Audit Metadata