verify
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION] (SAFE): The skill triggers 'yarn' scripts ('prettier' and 'linc') and calls sub-agents for 'flow' and 'test'. These commands are standard in a JavaScript/React development environment and align with the skill's purpose of verifying code changes before commitment.
- [INDIRECT_PROMPT_INJECTION] (LOW): (1) Ingestion points: The skill operates on the local codebase. (2) Boundary markers: None explicitly mentioned in the instructions. (3) Capability inventory: Execution of local yarn scripts and internal agent workflows. (4) Sanitization: Relies on the integrity of the local repository and the established toolchain. While this constitutes an inherent vulnerability surface common to development tools, the skill itself does not facilitate exploitation or contain malicious instructions.
Audit Metadata