axiom-using-axiom
Pass
Audited by Gen Agent Trust Hub on Feb 23, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- PROMPT_INJECTION (LOW): The skill uses extremely forceful language to override the AI's standard decision-making process. Phrases such as 'ABSOLUTELY MUST', 'DO NOT HAVE A CHOICE', 'not negotiable', and 'cannot rationalize your way out' are classic markers of instruction overriding. While the intent appears to be enforcing a specific developer workflow rather than malicious activity, these patterns technically qualify as prompt injection markers.
- INDIRECT_PROMPT_INJECTION (SAFE): While the skill mentions project files like
.xcodeprojor.xcworkspace, it does not demonstrate an automated path for ingesting untrusted external data in a way that would trigger a high-risk capability tier. - COMMAND_EXECUTION (SAFE): The skill references specific commands (e.g.,
/axiom:fix-build), but these are internal tool invocations defined within its ecosystem and do not execute arbitrary shell commands on the host system.
Audit Metadata