122-java-type-design
Pass
Audited by Gen Agent Trust Hub on Apr 23, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes shell commands (
mvn compile,./mvnw compile,mvn clean verify) to validate Java projects. While these are standard developer tools, the execution of the project-local Maven wrapper (./mvnw) involves running a script within the target project directory. - [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface as it analyzes and refactors user-supplied Java code.
- Ingestion points: Java source code files provided by the user.
- Boundary markers: Absent.
- Capability inventory: Shell command execution via Maven tools as defined in SKILL.md and references/122-java-type-design.md.
- Sanitization: The skill does not perform sanitization or isolation of the code being processed.
Audit Metadata