Sandbox Runner
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFE
Findings: NO_CODE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [NO_CODE]: The provided file 'SKILL.md' contains only documentation and YAML configuration. The script files that would implement the described logic are not included, so only the documented behaviour could be reviewed, not what actually runs.
- [COMMAND_EXECUTION]: The protocol instructs the agent to run potentially untrusted code via 'npm run test', 'npm run lint' and 'npm run build'. Each of these executes whatever the matching 'scripts' entry in the solution's package.json specifies (including any 'pre'/'post' hooks npm runs automatically), so a crafted package.json in an ingested solution runs arbitrary commands with the agent's privileges.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests 'solutions' from external sources without any sanitization or boundary markers that would separate data from instructions.
  1. Ingestion points: the 'Solution' input described in 'SKILL.md'.
  2. Boundary markers: none present.
  3. Capability inventory: execution of 'npm' scripts.
  4. Sanitization: no evidence of validation or filtering of the input data.
Audit Metadata