dev-new-tool
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFE PROMPT_INJECTION COMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by ingesting untrusted data from the web and using it to influence planning and execution.
  - Ingestion points: Web search results for tool research and API documentation (Phase 1).
  - Boundary markers: The skill lacks explicit delimiters or instructions to ignore embedded malicious prompts within retrieved web content.
  - Capability inventory: The skill can create directories, write plan files (Phase 3), initialize modules using system commands (Phase 4), and execute verification tools (Phase 5).
  - Sanitization: No validation or sanitization of external data is specified before it is used in the workflow.
- [COMMAND_EXECUTION]: The workflow incorporates system command execution for project initialization and code quality checks.
  - Evidence: Includes the use of commands like go mod init, npm init, go vet, and eslint during the scaffolding and verification phases.
Audit Metadata