codestyle
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes a Java-based server binary (
codestyle-server.jar) that is downloaded during initialization. This binary is executed via thescripts/codestyleandscripts/codestyle.batwrapper scripts to handle template search and retrieval tasks. - [EXTERNAL_DOWNLOADS]: The skill performs several external network operations, including downloading the CLI server binary from GitHub and cloning a template repository from the author's GitHub account. It also utilizes
curlandgitto fetch data from user-specified URLs and repositories during the code generation workflow. - [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to its automated code generation workflow that processes untrusted data from external sources.
- Ingestion points: Data enters the agent's context through web crawling via
curland cloning external GitHub repositories as described in the generation workflow (references/generate-workflow.md). - Boundary markers: The documentation does not indicate the use of delimiters or instructions to ignore potential commands embedded within the external content during processing.
- Capability inventory: The skill is capable of executing CLI commands through its JAR-based server and performing network requests to external APIs for template management.
- Sanitization: There is no evidence of input validation or content sanitization for the external data before it is passed to the AI for template analysis and generation.
Audit Metadata