avoiding-any-types

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGH | PROMPT_INJECTION | COMMAND_EXECUTION
Full Analysis
  • [Indirect Prompt Injection] (HIGH): The skill is designed to analyze and modify untrusted TypeScript source code. Because the agent is granted Write, Edit, and Bash permissions, it is vulnerable to malicious instructions embedded within the files it processes (e.g., in comments or string literals).
      • Ingestion points: External code files accessed through Read, Glob, and Grep tools.
      • Boundary markers: Absent. The skill provides no instructions to separate data (the code) from instructions or to ignore embedded commands.
      • Capability inventory: The agent can modify files (Write, Edit) and execute shell commands (Bash).
      • Sanitization: Absent. There is no requirement to sanitize or validate the content of the files before processing them.
  • [Command Execution] (MEDIUM): The skill requires the use of the Bash tool to run npx tsc --noEmit. While this specific command is a standard development practice, the presence of broad shell access increases the risk if the agent's logic is subverted via input data.
Recommendations
  • AI detected serious security threats
Audit Metadata
  • Risk Level: HIGH
  • Analyzed: Feb 16, 2026, 01:37 PM