dev-loop
Pass
Audited by Gen Agent Trust Hub on Mar 21, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: Executes local shell scripts (./dev.sh) and system utilities such as tail and socat to manage the development cycle and interact with Unix sockets.
- [EXTERNAL_DOWNLOADS]: Instructs the user to install the cargo-watch utility via the standard Rust package registry.
- [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface by monitoring and interpreting application logs and stdout.
- Ingestion points: Application stdout/stderr and session log files (~/.scriptkit/logs/latest-session.jsonl).
- Boundary markers: No delimiters or explicit instructions to ignore embedded commands in log data are present.
- Capability inventory: The skill utilizes subprocess execution, background task management, and file system access.
- Sanitization: Log content is read and displayed to the agent without validation or sanitization.
Audit Metadata