test
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection through the use of the $ARGUMENTS variable.
- Ingestion points: The skill accepts a $ARGUMENTS parameter from the user or agent workflow in SKILL.md.
- Boundary markers: There are no protective boundary markers or instructions to isolate the user-provided arguments from the command execution context.
- Capability inventory: The skill utilizes the Bash tool to execute flutter test and melos commands.
- Sanitization: No sanitization, escaping, or validation logic is present to ensure that $ARGUMENTS does not contain malicious shell metacharacters.
- [COMMAND_EXECUTION]: The skill performs command execution based on user-supplied input. Evidence: The command 'flutter test $ARGUMENTS' in SKILL.md directly appends user input to a bash command string. This pattern is dangerous as it allows an attacker to execute arbitrary commands by providing input such as '; malicious_command' or using pipes and redirects.
Audit Metadata