cruise-control
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes a local script
node scripts/run-ast-analysis.mjs analyze .during the Gear 1 phase. While this is a functional part of the developer tool, it represents a command execution pattern on the local environment. - [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8) because it ingests and processes untrusted data from the user's project to drive subsequent automated actions.
- Ingestion points: The skill reads all project files for analysis in Gear 1 and documentation extraction in Gear 2.
- Boundary markers: There are no explicit boundary markers or instructions mentioned to prevent the agent from following directions embedded within the source code being analyzed.
- Capability inventory: The skill can execute local scripts (
node scripts/run-ast-analysis.mjs), read the filesystem, and write new code/specifications via the/speckit.implementand/speckit.taskscommands. - Sanitization: No sanitization or filtering of the analyzed source code is described before the content is passed to downstream LLM agents for specification and implementation.
Audit Metadata