ent-schema-generator
Pass
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill acts as a configuration and template provider for the Ent framework. It does not include any executable scripts or binary files within the distribution.- [COMMAND_EXECUTION]: The workflow and hard rules require the generation of standard development commands, such as
make gen/protoandgo test ./..., to be included in the agent's output. These commands are typical for Go project environments and are intended for local repository maintenance.- [SAFE]: Indirect Prompt Injection Surface Analysis:\n - Ingestion points: The skill accepts requirement documents, repository folders, and user prompts as source material (SKILL.md).\n
- Boundary markers: The skill does not define specific delimiters for untrusted input data.\n
- Capability inventory: The skill provides instructions for generating source code files and suggests executing local build commands.\n
- Sanitization: No sanitization or validation of the input requirement content is specified in the instructions.- [SAFE]: All external references, such as
entgo.io, are to well-known technology frameworks and services. All internal file paths (e.g.,cmd/tools/bind/main.go) are consistent with the 'go-sphere' author context and the 'sphere-layout' project structure.
Audit Metadata