pure-admin-thin-crud-gen
Pass
Audited by Gen Agent Trust Hub on Feb 26, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes shell commands like 'rg' and 'awk' to parse local API files and 'pnpm' to validate generated code. These operations are scoped to the local repository and necessary for the skill's purpose.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it parses local source code files to generate UI components. Malicious content within the parsed files could potentially influence the AI's code generation logic. 1. Ingestion points: 'src/api/swagger/Api.ts' and 'src/api/api.ts'. 2. Boundary markers: No explicit delimiters or instructions are provided to the agent to disregard instructions found within the data being parsed. 3. Capability inventory: The skill generates and writes files to the local filesystem and executes local commands for verification. 4. Sanitization: No sanitization logic is specified for the input data derived from repository files.
Audit Metadata