make-it-pretty
Warn
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: MEDIUMCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION] (MEDIUM): The skill directs the agent to execute multiple bash commands for formatting (
npx prettier,black,gofmt,cargo fmt) and git operations (git diff,git stash). This provides a significant capability surface that could be abused if the agent is misled by malicious code content. - [EXTERNAL_DOWNLOADS] (LOW): Using
npxcan trigger downloads from the npm registry, introducing a dependency on external, remote code at runtime. - [DATA_EXPOSURE] (LOW): The skill reads project source code and git history to identify formatting targets, providing access to potentially sensitive project data.
- [PROMPT_INJECTION] (LOW): The skill contains self-authoritative instructions (e.g., 'I will NEVER modify git config') which are safety claims that must be evaluated as data rather than trusted rules.
- [INDIRECT_PROMPT_INJECTION] (LOW):
- Ingestion points: Processes arbitrary code files and git diff outputs.
- Boundary markers: None; there are no delimiters to isolate instructions found in code comments from legitimate code.
- Capability inventory: File system read/write, shell execution, and git repository manipulation.
- Sanitization: No evidence of sanitization of file content or paths before execution.
Audit Metadata