solid-nextjs
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill uses directive markers like "CRITICAL" and "MANDATORY" to override standard behavior. It explicitly instructs the agent to falsify the current date to "January 2026," which is a technique that can be used to manipulate search results or attempt to bypass temporal-based safety constraints.
- [COMMAND_EXECUTION]: The skill mandates the use of local shell commands, specifically
npx jscpd ./src --threshold 3, for codebase analysis during the development workflow. - [PROMPT_INJECTION]: An indirect prompt injection surface is present due to the mandatory research phase using external search tools.
- Ingestion points: The
SKILL.mdfile specifies that the agent must useExaweb search andContext7to retrieve documentation and trends. - Boundary markers: There are no instructions to use delimiters or ignore potentially malicious instructions embedded in the retrieved web content.
- Capability inventory: The skill allows the agent to write code, execute shell commands, and spawn additional specialized agents via
TeamCreate. - Sanitization: The instructions lack any requirement for the validation or sanitization of data retrieved from external web sources before it is incorporated into the codebase.
Audit Metadata