sphere-layout-feature-workflow
Pass
Audited by Gen Agent Trust Hub on Feb 26, 2026
Risk Level: SAFE
Findings: COMMAND_EXECUTION, PROMPT_INJECTION, EXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to execute shell commands for code generation and testing, including make gen/proto, make gen/docs, make gen/wire, and go test ./... .
- [PROMPT_INJECTION]: The skill possesses an attack surface for indirect prompt injection (Category 8) as it processes source-of-truth files that could contain malicious instructions.
  - Ingestion points: Protocol buffer files (proto/**), database schema files (internal/pkg/database/schema/**), and configuration files (cmd/tools/bind/main.go).
  - Boundary markers: No explicit delimiters or instructions are provided to the agent to distinguish between data/code and instructions within these files.
  - Capability inventory: The agent performs file reads and executes subprocesses (make, go) based on the state of these ingested files.
  - Sanitization: No sanitization or validation of the content of the source-of-truth files is performed before they are used in generation workflows.
- [EXTERNAL_DOWNLOADS]: The skill references and encourages the use of packages from the vendor's official GitHub organization (github.com/go-sphere/sphere), which is treated as a trusted resource.
Audit Metadata