skills/htlin222/dotfiles/sc/Gen Agent Trust Hub

sc

Pass

Audited by Gen Agent Trust Hub on Apr 20, 2026

Risk Level: SAFE | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill explicitly utilizes the Bash tool to perform core development tasks such as project building, test execution, and Git operations. These commands are triggered by subcommands like build, test, and git.
  • [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection due to its handling of external project content.
    • Ingestion points: The skill reads external data via the analyze, load, index, and workflow commands, which process files, project structures, and PRD documents.
    • Boundary markers: The instructions lack explicit delimitation or instructions for the agent to ignore potentially malicious directions embedded within the analyzed data.
    • Capability inventory: The agent has access to highly capable tools including Bash (shell execution), Edit/Write (file system modification), and the Task tool (agent orchestration).
    • Sanitization: There are no explicit sanitization, filtering, or validation steps defined to verify the integrity of external content before it is processed by the agent.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 20, 2026, 02:10 PM