fullstack-guardian
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: HIGHPROMPT_INJECTION
Full Analysis
- [Indirect Prompt Injection] (HIGH): The skill is susceptible to Indirect Prompt Injection via untrusted input requirements.
- Ingestion points: Ingests feature requirements, acceptance criteria, and architecture decisions from users or external sources (SKILL.md).
- Boundary markers: The instructions do not define specific boundary markers (e.g., XML tags or clear delimiters) to separate user-provided requirements from system instructions.
- Capability inventory: The skill is designed to implement end-to-end features, including generating backend models, API endpoints, and frontend components.
- Sanitization: There are no instructions for the agent to sanitize or ignore malicious instructions embedded within the requirements it processes.
Recommendations
- AI detected serious security threats
Audit Metadata