Running Validation Loops
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE COMMAND_EXECUTION PROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (LOW): The skill instructs the agent to capture and analyze full error output from external processes, creating a surface for indirect prompt injection.
- Ingestion points: Error output from `npm run validate` captured in the process workflow.
- Boundary markers: Absent; there are no instructions to delimit the error output or treat it as untrusted data.
- Capability inventory: The skill has the capability to execute shell commands (`npm run validate`) and modify local source code files.
- Sanitization: Absent; the agent is encouraged to analyze the root cause directly from the captured output without filtering.
- Command Execution (SAFE): The skill executes `npm run validate`, which is a standard development command. This behavior is consistent with the primary purpose of the skill and does not involve unauthorized privilege escalation or network access.
Audit Metadata