build
Pass
Audited by Gen Agent Trust Hub on Apr 20, 2026
Risk Level: SAFE (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
- [COMMAND_EXECUTION]: The skill identifies and executes arbitrary shell commands for verification, such as build, test, and lint, which are derived from the project context.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection via the SPEC.md file. It parses this file to determine implementation steps and verification commands without sanitization.
  - Ingestion points: The skill reads SPEC.md and FORMAT.md at the start of the process.
  - Boundary markers: There are no explicit delimiters or instructions to ignore embedded commands within the processed files.
  - Capability inventory: The skill possesses the ability to write to the file system (edit code) and execute shell commands (verification).
  - Sanitization: No validation or escaping of the content read from the specification files is performed before it influences the agent's actions.