bugfix
Pass
Audited by Gen Agent Trust Hub on Feb 23, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill is designed to execute arbitrary build and test commands, such as 'npm test' or 'cargo test', and apply automated code remediation through the 'Executor' phase.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes untrusted data from terminal outputs and error logs to determine its fix strategy and generate code.
- Ingestion points: Terminal outputs, test failure logs, and user-provided symptom descriptions.
- Boundary markers: None identified in the instructions to distinguish between trusted commands and untrusted data.
- Capability inventory: Full terminal command execution via 'memory_terminal' and project-wide file modification capabilities.
- Sanitization: The skill lacks explicit sanitization or validation mechanisms for terminal data before it is interpreted by the Revisionist component.
Audit Metadata