Skills
skills/fortunto2/solo-factory/solo-pipeline/Gen Agent Trust Hub

solo-pipeline

Pass

Audited by Gen Agent Trust Hub on Feb 26, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the Bash tool to execute local launcher scripts such as solo-research.sh, solo-dev.sh, and solo-dashboard.sh. These scripts are expected to be part of the vendor's installation package in the plugin root.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8) because it processes untrusted user input and passes it to internal logic.
  • Ingestion points: User arguments (idea name, project name, stack, features) are parsed from the $ARGUMENTS variable in Step 1.
  • Boundary markers: The skill does not define specific delimiters or instructions to ignore embedded commands within the user-provided arguments when they are interpolated into the shell command strings.
  • Capability inventory: The skill has access to Bash (command execution), Read/Write (file system access to ~/.solo and project directories), and AskUserQuestion.
  • Sanitization: There is no evidence of argument sanitization or validation to prevent shell injection or malicious command chaining within the provided instructions.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 26, 2026, 01:42 PM