beautiful-code
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGHPROMPT_INJECTIONREMOTE_CODE_EXECUTION
Full Analysis
- Indirect Prompt Injection (HIGH): The skill is designed to ingest and act upon untrusted external source code files (Ingestion points) for the purpose of code review and refactoring (Capabilities). It lacks explicit boundary markers or instructions to ignore embedded malicious instructions (Boundary markers) and does not specify sanitization or validation of the ingested code (Sanitization).
- Unverifiable Dependencies (MEDIUM): The skill references local scripts (scripts/check_changed.sh, scripts/check_all.sh) and directory-based configurations (configs/) that are not included in the provided file, creating unverified execution paths during enforcement steps.
Recommendations
- AI detected serious security threats
- Contains 1 malicious URL(s) - DO NOT USE
Audit Metadata