fix
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Command Execution] (SAFE): The skill instructs the agent to run
yarn prettierandyarn linc. These are standard project-specific commands used for code formatting and linting. No arbitrary or high-risk command execution patterns were found. - [Remote Code Execution] (SAFE): No external scripts, remote URLs, or unverified package installations are referenced in the instructions.
- [Data Exfiltration] (SAFE): The skill does not perform network operations or access sensitive system paths (e.g., SSH keys, credentials).
- [Indirect Prompt Injection] (LOW): The skill involves processing source code which could contain malicious instructions. However, the use of standard formatters like Prettier minimizes risk as these tools do not execute the content of the files they process. Evidence Chain: 1. Ingestion: Changed source code files. 2. Boundary markers: Absent. 3. Capability: Local yarn command execution. 4. Sanitization: Relies on the security of the underlying linting tools.
Audit Metadata