prototype
Pass
Audited by Gen Agent Trust Hub on May 19, 2026
Risk Level: SAFE
Findings: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to modify project configuration files such as package.json, Makefile, justfile, or pyproject.toml to add scripts for running the generated prototypes. This is a standard developer workflow for automating local tasks.
- [PROMPT_INJECTION]: The skill generates code that ingests external data through terminal keystrokes and URL search parameters (e.g., ?variant=) to control the prototype's state or UI display. While this represents a surface for indirect prompt injection, the impact is confined to the local prototype's behavior and does not grant access to sensitive capabilities.
- [SAFE]: No signs of data exfiltration, credential harvesting, or obfuscation were found. The skill operates within the user's project environment and avoids persistence by defaulting to in-memory state or local scratch files.
Audit Metadata