loop-execution-evaluator
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes the command `npm run build` to verify the integrity of the build process. While this is the primary purpose of the 'check build' function, it relies on the local environment's configuration and scripts, which could be manipulated.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection through the parsing of `metadata.json` and `spec.md`. The logic uses keywords from these untrusted files to determine evaluator dispatch and state updates.
  - Ingestion points: Processes `metadata.json` and `spec.md` during the Dispatch Logic phase.
  - Boundary markers: No specific delimiters or instructions are used to separate data from instructions within the processed files.
  - Capability inventory: Includes file system read/write access for `metadata.json`, execution of shell commands (`npm run build`), and the ability to trigger subsequent specialized agent skills.
  - Sanitization: No evidence of keyword validation or input sanitization before processing the metadata or specification files.
Audit Metadata