dao-best-practices
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- Prompt Injection (LOW): Indirect Prompt Injection Surface. The skill is designed to ingest and refactor source code files from the local project directory which could contain malicious instructions.
  * Ingestion points: apps/web/src/db/models/daos/
  * Boundary markers: Absent.
  * Capability inventory: Source code refactoring (write access) and local script execution (scripts/check-dao.js).
  * Sanitization: Absent.
Audit Metadata