ln-813-runtime-optimizer
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill directs the agent to execute system commands for running tests and linters to verify its modifications. This capability relies on the integrity of the local environment and the project's test definitions, which could be exploited if malicious code is present in the test suite.
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface (Category 8) because it ingests data from
docs/project/persistence_audit.mdto drive its automated code edits. If an attacker can influence the contents of this audit report, they could potentially lead the agent to perform unintended code modifications. - Ingestion points: Audit findings are loaded from
docs/project/persistence_audit.mdor arbitrary target files provided at runtime. - Boundary markers: No specific delimiters or "ignore embedded instructions" warnings are present to isolate the processed data from the agent's core instructions.
- Capability inventory: The skill has the capability to modify source code (Phase 3) and execute shell commands via tests and linters.
- Sanitization: There is no evidence of sanitization, validation, or escaping of the findings before they are used to determine code changes.
Audit Metadata