cook-auto-fast
Warn
Audited by Gen Agent Trust Hub on Mar 21, 2026
Risk Level: MEDIUMPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill contains explicit instructions to override standard safety and quality protocols, directing the agent to operate in an "autonomous mode: no user confirmation" and to "skip code review step" when implementing changes.
- [COMMAND_EXECUTION]: The workflow relies on the autonomous execution of subagents and slash commands (such as
/plan-fastand/code) to modify the codebase without requiring human approval for the generated output. - [PROMPT_INJECTION]: The instruction to "Analyze the list of skills at .claude/skills/* and intelligently activate the skills that are needed" encourages the agent to ingest and execute logic from external files without explicit scoping, which could lead to unexpected behavior if those files contain untrusted instructions.
- [COMMAND_EXECUTION]: The skill implements a "scout, plan, and implement" cycle where the implementer subagent is specifically told to "skip code review step", increasing the risk of executing or committing insecure code.
Audit Metadata