311-frameworks-spring-jdbc
Pass
Audited by Gen Agent Trust Hub on Apr 23, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill mandates the execution of shell commands (
./mvnw compile,mvn clean verify) to validate project state and refactoring changes. This provides an execution path for local build tools which could be exploited by malicious build configurations (e.g., in a pom.xml) within the project being analyzed.\n- [PROMPT_INJECTION]: The skill is subject to indirect prompt injection (Category 8) as it ingests and processes untrusted user-controlled data (Java source code, SQL scripts, and Maven configurations) while maintaining the capability to execute system commands. \n - Ingestion points: Reads and analyzes project source files including Java, SQL, and build configuration files (SKILL.md and references/311-frameworks-spring-jdbc.md).\n
- Boundary markers: None present; user code is analyzed directly within the agent's context without delimiters or instructions to ignore embedded commands.\n
- Capability inventory: The skill uses subprocess execution via Maven (
mvn,./mvnw) to compile and verify code.\n - Sanitization: No validation or sanitization of the project files or build configurations is performed prior to command execution.
Audit Metadata