trae-skill-writer
Pass
Audited by Gen Agent Trust Hub on Mar 8, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by processing untrusted project data to generate AI instructions.
- Ingestion points: The Project Scanner and Tech Stack Analyzer agents read external files such as package.json, READMEs, and source code comments to derive context.
- Boundary markers: The logic lacks explicit delimiters or instructions to ignore potential commands embedded within the data it analyzes.
- Capability inventory: The skill performs local file system reads and generates markdown files (SKILL.md) that define future AI behaviors.
- Sanitization: No sanitization or filtering logic is present to identify malicious instructions hidden in the analyzed project data before incorporating them into the generated skills.
Audit Metadata