spring-boot-dependency-injection
Fail
Audited by Gen Agent Trust Hub on Feb 15, 2026
Risk Level: HIGHPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION] (HIGH): The skill is highly vulnerable to Indirect Prompt Injection due to the combination of reading external content and having high-privilege tool access.\n
- Ingestion points: The agent is instructed to use
Glob,Grep, andReadto analyze Java source files and build configurations (e.g.,pom.xml,build.gradle) which are attacker-controllable.\n - Boundary markers: None. There are no instructions for the agent to ignore or delimit embedded natural language instructions found within the code being analyzed.\n
- Capability inventory: The agent has
Bash(for executing build tests),Write, andEditcapabilities, allowing an injection to result in code modification or arbitrary command execution.\n - Sanitization: No sanitization or validation of external code content is required before processing.\n- [COMMAND_EXECUTION] (MEDIUM): The workflow requires the agent to execute local build scripts (
./gradlew testandmvn test). This presents a security risk where a malicious repository can exploit the agent'sBashtool to execute arbitrary code hidden within the build wrappers or test suite configuration.
Recommendations
- AI detected serious security threats
- Contains 1 malicious URL(s) - DO NOT USE
Audit Metadata