forge-idiomatic-engineer
Pass
Audited by Gen Agent Trust Hub on May 22, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill facilitates project management through the execution of a local shell script (
scripts/orient.sh) and various CLI commands (forge,cargo,sqlx-cli). These tools are used to inspect the environment, validate configuration, and discover project handlers. Each command is intended for local environment discovery and project maintenance.\n- [PROMPT_INJECTION]: The skill ingests untrusted data from the local repository to perform its functions, representing an indirect prompt injection surface.\n - Ingestion points: Files including
forge.toml,src/main.rs, and migration SQL files are read by theorient.shscript and the agent to orient itself within the codebase.\n - Boundary markers: The skill does not explicitly define markers or system instructions to ignore embedded instructions in the ingested code or configuration files.\n
- Capability inventory: The skill instructions and associated scripts grant the agent the capability to execute shell commands, read and write local files, and interact with development services like Docker and PostgreSQL.\n
- Sanitization: There is no evidence of sanitization or filtering of the content read from the repository files before it is processed or added to the agent's context.
Audit Metadata