code-generator
Pass
Audited by Gen Agent Trust Hub on Mar 8, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection via the design documents it processes. * Ingestion points: Reads design documents provided by the user in Step 1 to drive the code generation workflow. * Boundary markers: The workflow does not define specific delimiters or instructions to ignore instructions embedded within the design documents. * Capability inventory: The skill explicitly claims file read/write capabilities within its Capability Boundaries section. * Sanitization: There are no documented mechanisms to sanitize or validate the content of the design documents before they are used to generate file-writing operations.
Audit Metadata