configure-formatting
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill processes project configuration files and external web content, creating a surface for indirect prompt injection.
- Ingestion points: Reads local configuration files such as biome.json, package.json, pyproject.toml, and Cargo.toml. It also fetches version data from external URLs including biomejs.dev, prettier.io, astral.sh, and releases.rs.
- Boundary markers: No explicit boundary markers or instructions to ignore embedded commands are present when processing the content of ingested files or web data.
- Capability inventory: The skill can execute shell commands via Bash (e.g., to install packages or run formatters) and modify project files using Write and Edit tools.
- Sanitization: There is no evidence of input validation or sanitization for fetched web content or local configuration data before it is processed by the agent.
- [COMMAND_EXECUTION]: Executes local commands for project discovery, package management, and formatter operations.
- Uses Bash to run discovery commands like find and grep to identify project types and existing configuration files.
- Executes package managers (npm, bun, uv) to install developer tools and dependencies.
- Runs formatter-specific commands such as biome format, ruff format, and cargo fmt to check compliance and apply fixes.
- [EXTERNAL_DOWNLOADS]: Fetches version information and installs packages from trusted and well-known sources.
- Downloads configuration and version metadata from official project sites for Biome, Prettier, Ruff, and Rust.
- Installs standard formatting packages from NPM (@biomejs/biome, prettier) and PyPI (ruff, black).
- References pre-commit hook repositories from official GitHub organizations associated with the formatting tools.
Audit Metadata