configure-all
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes Bash commands including find, grep, and cat to search for project indicators and read configuration files within the local directory.\n- [PROMPT_INJECTION]: The skill processes untrusted data from project files which creates a surface for indirect prompt injection attacks.\n
- Ingestion points: The skill reads content from .project-standards.yaml, package.json, pyproject.toml, and Cargo.toml.\n
- Boundary markers: No explicit delimiters or instructions are used to distinguish untrusted file content from system prompts.\n
- Capability inventory: The skill is authorized to use Bash for shell command execution and SlashCommand to invoke other skills.\n
- Sanitization: Content from project configuration files is interpolated into the workflow without prior validation or sanitization.
Audit Metadata