eval
Warn
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: MEDIUMCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The subcommands
checkandreporttrigger the execution of local shell commands such asgrep,test, andbuild. This allows the agent to run arbitrary scripts or binaries present in the project's test and build configurations.\n- [PROMPT_INJECTION]: The skill contains an indirect prompt injection surface. 1) Ingestion points: User-provided descriptions in thedefinesubcommand and eval definitions stored in.claude/evals/. 2) Boundary markers: No delimiters or 'ignore' instructions are present. 3) Capability inventory: Includes subprocess calls (grep,test,build) and file writing. 4) Sanitization: No input validation or sanitization is observed before processing external data.
Audit Metadata