senior-fullstack
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE (flags: PROMPT_INJECTION, COMMAND_EXECUTION)
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill's code analysis and scaffolding features ingest local project files, creating a surface for indirect prompt injection. Ingestion points: fullstack_scaffolder.py, project_scaffolder.py, and code_quality_analyzer.py read local file content. Boundary markers: The documentation lacks explicit delimiters or instructions to ignore embedded instructions in the processed data. Capability inventory: The skill has access to shell commands (npm, pip, docker, kubectl) and script execution. Sanitization: No input validation or sanitization of processed code is mentioned.
- [COMMAND_EXECUTION] (LOW): The skill instructs the user to run several Python scripts and package managers. This behavior is standard for the tool's stated purpose but relies on the integrity of the local files and scripts, which are not provided for analysis.
Audit Metadata