impl-pad
Pass
Audited by Gen Agent Trust Hub on Mar 28, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill is designed to follow instructions, implementation plans, and behavior specifications from an external file named pad.md.
- Ingestion points: pad.md file located within the repository.
- Boundary markers: Absent. The instructions do not define clear delimiters or warnings to ignore potentially malicious embedded instructions in the source file.
- Capability inventory: Includes file system access, code modification, and automated command execution.
- Sanitization: Absent. No validation or sanitization is performed on the content retrieved from pad.md before the agent acts upon it.
- [COMMAND_EXECUTION]: The skill instructs the agent to prioritize automated testing to verify behavior.
- Evidence: The Execution section step 7 specifies: Prioritize automated testing.
- Risk: Because the logic and test scenarios are sourced from an external file, this creates a risk of arbitrary command execution if an attacker provides malicious test commands or scripts within pad.md.
Audit Metadata