product-stress-test
Pass
Audited by Gen Agent Trust Hub on Mar 27, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes local Go scripts and Git commands for state assessment, data retrieval, and version control (e.g.,
../../scripts/cmd/assess,../../scripts/cmd/compound). It utilizes shell variables like$SLUGin command lines, which relies on platform-level sanitization to mitigate command injection risks.\n- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it ingests and processes untrusted content from PRDs and value propositions to influence the behavior of sub-agents.\n - Ingestion points: Reads files from
.agents/products/prds/and.agents/products/value-propositions/.\n - Boundary markers: The instructions do not define explicit boundary markers or delimiters to isolate document content from agent instructions.\n
- Capability inventory: The agent has capabilities to execute shell commands (
go run,git) and modify files on the local filesystem.\n - Sanitization: There is no evidence of sanitization or validation of the ingested file content before it is passed to evaluator sub-agents.
Audit Metadata