cruise-control
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes
node scripts/run-ast-analysis.mjs analyze .to perform Abstract Syntax Tree (AST) analysis on the local project directory for deep code inspection.- [COMMAND_EXECUTION]: Provides shell commands for users to monitor progress by runningcat .stackshift-state.json | jqin the terminal.- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8) because it ingests untrusted source code from the local directory to drive the 'Reverse Engineer' and 'Create Specifications' phases. - Ingestion points: The local file system is scanned by the
run-ast-analysis.mjsscript and thestackshift:code-analyzeragent. - Boundary markers: The skill does not define explicit boundary markers or instructions for the agent to ignore potentially malicious content within the ingested code comments or structures.
- Capability inventory: The skill possesses significant capabilities, including reading the entire codebase, writing generated documentation to
docs/reverse-engineering/, creating feature specifications in.specify/, and performing code implementation in 'Gear 6'. - Sanitization: No sanitization or validation of the ingested code content is mentioned before it is processed by the LLM to generate implementation plans.
Audit Metadata