django-verification
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFECOMMAND_EXECUTIONCREDENTIALS_UNSAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill performs extensive shell operations to run Django management commands, database checks, and various third-party code quality tools (SKILL.md).
- [CREDENTIALS_UNSAFE]: Phase 6 includes a management command for creating a test superuser with hardcoded credentials ('admin@example.com' / 'admin'), which is acceptable in a development/test context but noted for awareness.
- [EXTERNAL_DOWNLOADS]: The verification loop integrates several well-known security and quality tools (e.g., Bandit, Pip-audit, Ruff) from trusted Python and Node.js ecosystems (Phase 5, CI example).
- [PROMPT_INJECTION]: The skill processes untrusted local data including source code, requirements files, and git diff outputs, which constitutes an indirect prompt injection surface (Category 8).
- Ingestion points: Analyzes project files and audit tool outputs (SKILL.md).
- Boundary markers: No specific delimiters or safety instructions are used to isolate untrusted tool outputs from the agent's logic.
- Capability inventory: Extensive subprocess and shell execution capabilities across Python and NPM tools.
- Sanitization: No automated sanitization of external content is performed before interpretation by the agent.
Audit Metadata