precommit
Pass
Audited by Gen Agent Trust Hub on Mar 31, 2026
Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructions direct the agent to run scripts from the project's local configuration, specifically using npm run lint-fix, npm run lint, and npm test. This capability allows for the execution of arbitrary commands if the package.json file has been maliciously modified.
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it ingests and acts upon content from package.json, which is an external and potentially untrusted data source.
  1. Ingestion points: package.json (SKILL.md).
  2. Boundary markers: Absent; there are no instructions to delimit or treat the script contents as untrusted data.
  3. Capability inventory: Execution of shell commands via the npm CLI (SKILL.md).
  4. Sanitization: Absent; the skill does not validate or sanitize the script values before execution.
Audit Metadata