metal-shader-expert
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface.
- Ingestion points: External data enters the agent context through the use of
mcp__firecrawl__firecrawl_searchandWebFetchfor research purposes. - Boundary markers: There are no explicit markers or instructions provided to the agent to treat fetched external content as untrusted or to ignore embedded instructions.
- Capability inventory: The skill has the ability to write and edit files and execute shell commands via
Bash(restricted toxcrun,metal, andmetallib). - Sanitization: No sanitization or validation logic is specified for data retrieved from web searches or external documentation.
- [COMMAND_EXECUTION]: The skill uses the
Bashtool to executexcrun,metal, andmetallib. While these are standard tools for compiling and linking Metal shaders and are necessary for the skill's primary function, they involve local code compilation and the use of the powerfulxcrundeveloper utility.
Audit Metadata