rubocop-fixer

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGH
Findings: PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
  • [Indirect Prompt Injection] (HIGH): The skill reads source code and configuration files which are external and potentially attacker-controlled (e.g., in a PR review context).
    • Ingestion points: Reads .rubocop.yml, .rubocop_todo.yml, and various Ruby files (app/models/user.rb) using cat and Read tools.
    • Boundary markers: None. The instructions do not tell the agent to ignore instructions embedded in the code it reads.
    • Capability inventory: The agent has Write, Edit, and Bash capabilities, allowing it to modify the entire codebase or execute system commands.
    • Sanitization: None. The agent directly interprets the output of files and the linter.
  • [Command Execution] (MEDIUM): The skill frequently uses bundle exec rubocop and its variants. While this is standard for Rails development, an attacker who can modify the local .rubocop.yml could potentially influence how RuboCop behaves or cause it to load malicious local extensions/plugins that execute during the linting phase.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Feb 16, 2026, 11:22 AM