verification-loop
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFE COMMAND_EXECUTION PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill explicitly directs the agent to execute shell commands for software development tasks, including building projects (`npm run build`), type checking (`npx tsc`, `pyright`), linting (`ruff`), and running test suites. It also uses `git` for difference analysis and `grep` for local secret scanning.
- [PROMPT_INJECTION]: The skill is subject to indirect prompt injection risks (Category 8).
  - Ingestion points: The agent ingests data from the local file system and external tool outputs (e.g., test results, linting errors, and grep matches) as defined in the verification phases of `SKILL.md`.
  - Boundary markers: No explicit delimiters or instructions to ignore embedded commands within tool outputs are provided.
  - Capability inventory: The skill possesses extensive subprocess execution capabilities (`npm`, `pnpm`, `npx`, `pyright`, `ruff`, `grep`, `git`) and read access to the repository files.
  - Sanitization: No sanitization, escaping, or validation of the ingested tool output is performed before the agent processes the information to generate the final verification report.
Audit Metadata