faas
Pass
Audited by Gen Agent Trust Hub on Mar 31, 2026
Risk Level: SAFE
PROMPT_INJECTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill implements a workflow that ingests untrusted data from external URLs, files, and images to drive agent development actions.
  - Ingestion points: The skill accepts external URLs (GitHub, Linear, Notion), local files (PRDs, user stories), and screenshots as inputs to determine feature intent.
  - Boundary markers: The skill does not define specific delimiters or instructions to ignore embedded commands within the fetched external data.
  - Capability inventory: The agent is instructed to explore the filesystem using Glob and Grep, create a specific directory structure (./faas/), and scaffold new source and test files.
  - Sanitization: No explicit validation or sanitization of content from external URLs is specified.
- [COMMAND_EXECUTION]: The framework directs the agent to explore the project directory via Glob and Grep tools and to perform file system operations including directory creation and code scaffolding.
- [EXTERNAL_DOWNLOADS]: The skill instructions specify fetching content from remote URLs, including third-party platforms like GitHub, Linear, and Notion, to build context for the feature implementation.
Audit Metadata