ts-jsdoc-expert
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- Prompt Injection (LOW): The instructions in
SKILL.mdcontain directives that explicitly tell the AI to ignore user preferences and configuration files if they conflict with the skill's rules. Specifically, it states: 'THIS REQUIREMENT TAKES PRECEDENCE' over user settings inCLAUDE.md, which is a behavioral override pattern. - Indirect Prompt Injection (LOW): The skill's primary function is to process external code, which introduces an injection risk. 1. Ingestion points: User-provided TypeScript source code. 2. Boundary markers: Absent; the skill does not define delimiters for code blocks or instruct the agent to ignore instructions embedded in comments within the source code. 3. Capability inventory: The agent is tasked with inferring design intent and generating modified code. 4. Sanitization: Absent; there is no validation or filtering process for the content of the ingested code or its comments.
Audit Metadata