dependency-alignment
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill constructs and executes shell commands such as 'uv pip compile' and 'npm install --dry-run' using dependency names and version ranges extracted from external 'Tech Spec' documents. If these inputs are not strictly validated or escaped, they could be used to inject malicious shell commands or flags into the host environment.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it incorporates untrusted content from technical specifications into its processing pipeline.
- Ingestion points: Extracts dependency requirements from 'Tech Spec imports' and project manifest files.
- Boundary markers: The instructions do not define any markers or delimiters to help the agent distinguish between trusted instructions and untrusted data from the specifications.
- Capability inventory: The agent has the ability to execute shell-based package managers (uv, npm, yarn, pnpm) which can perform network and file system operations.
- Sanitization: The skill does not mention any sanitization or validation logic to ensure that extracted dependency strings are safe before they are used in shell command arguments.
Audit Metadata