cto-assignment-reviewer
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill suggests verifying assignments using commands such as
yarn install,yarn dev,grep, andtree. Running package installation and execution commands on untrusted codebases (like a candidate's assignment) involves an inherent risk of executing malicious scripts if the project's configuration is compromised. - [PROMPT_INJECTION]: The skill is designed to ingest and analyze untrusted external codebases and documentation, creating a surface for Indirect Prompt Injection.
- Ingestion points: The agent is instructed to read
README.md,package.json,tsconfig.json, and all source files in thesrc/directory from the candidate's repository. - Boundary markers: There are no explicit instructions or delimiters used to separate the candidate's code from the agent's core instructions, nor are there warnings to ignore instructions embedded in the analyzed code.
- Capability inventory: The agent utilizes shell-based inspection tools (
grep,tree) and is encouraged to verify script execution (yarn). - Sanitization: The skill does not provide mechanisms for sanitizing or filtering the content of the ingested files before analysis.
Audit Metadata