quality
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGHPROMPT_INJECTIONDATA_EXFILTRATION
Full Analysis
- PROMPT_INJECTION (HIGH): The skill is designed to ingest and process external content (source code, test logs) to perform modifications (fixing tests, improving quality). This creates a high-risk surface where malicious instructions embedded in the processed code or comments could influence the agent's behavior. \n
- Ingestion points: Processes user codebases and test outputs as defined in the activation triggers (testing, code review). \n
- Boundary markers: No specific boundary markers or instructions to ignore embedded commands are present in the provided templates. \n
- Capability inventory: The skill description implies the capability to write or modify local source code and configuration files. \n
- Sanitization: No sanitization or validation of the processed code is specified. \n- DATA_EXFILTRATION (LOW): The Lighthouse CI configuration in
lighthouserc.jsusestemporary-public-storagefor report uploads. This publicly exposes performance and accessibility reports of the application being tested to external Google-managed storage, which could contain metadata about the internal infrastructure or application structure.
Recommendations
- AI detected serious security threats
Audit Metadata