code-quality
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGHCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION] (MEDIUM): The skill executes a local shell script at 'skills/code-quality/scripts/finalize.sh' to perform its tasks. The script's content is not visible, creating a security blind spot regarding its file system and network activities.
- [PROMPT_INJECTION] (HIGH): The skill is highly vulnerable to Indirect Prompt Injection (Category 8). 1. Ingestion points: It processes source code, TypeScript, and Markdown files from the repository. 2. Boundary markers: No delimiters or ignore-instructions are used to isolate file content. 3. Capability inventory: The skill can modify files (auto-fixes) and execute subprocesses (bash). 4. Sanitization: There is no validation or filtering of external content, meaning malicious instructions in code comments or configuration files could potentially hijack the agent's logic.
Recommendations
- AI detected serious security threats
Audit Metadata