Skills
skills/diego-tobalina/vibe-coding/build-fix/Gen Agent Trust Hub

build-fix

Pass

Audited by Gen Agent Trust Hub on Mar 10, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill leverages the Bash tool to execute standard build and compilation commands such as mvn, gradlew, and npm. This is the intended primary purpose of the skill to identify errors in a codebase.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection through the ingestion of untrusted build logs.
  • Ingestion points: Data enters the agent's context through the output of build commands executed via the Bash tool.
  • Boundary markers: The skill lacks explicit boundary markers or instructions for the agent to ignore instructions embedded within the build output.
  • Capability inventory: The skill has access to powerful tools including Bash, Edit, Read, Grep, and Glob.
  • Sanitization: There is no evidence of sanitization or filtering of the build output before processing.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 10, 2026, 02:27 AM