work-with-justfiles
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Prompt Injection] (SAFE): No instructions attempt to bypass safety filters, override system prompts, or extract system instructions. The content is strictly limited to project organization guidance.
- [Data Exposure & Exfiltration] (SAFE): No hardcoded credentials, sensitive file paths, or unauthorized network operations were identified. Examples use generic placeholders like 'myapp_dev'.
- [Unverifiable Dependencies & Remote Code Execution] (SAFE): The skill contains illustrative examples of shell commands (npm, docker, terraform) within documentation blocks, but does not include any scripts, automation, or remote downloads that execute these commands.
- [Indirect Prompt Injection] (LOW): The skill describes patterns for accepting command arguments (e.g.,
test file: npm test {{file}}). This represents a standard input surface. The skill proactively suggests using the[confirm]attribute for dangerous operations like database resets, which is a security-positive recommendation. - Ingestion points: Justfile recipe arguments (SKILL.md)
- Boundary markers: Use of curly braces
{{arg}}for interpolation. - Capability inventory: Illustrative examples of package management and infrastructure tools.
- Sanitization: Recommends human-in-the-loop confirmation for sensitive recipes.
Audit Metadata