lint-fix
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Command Execution] (SAFE): The skill invokes `metta lint --fix` to perform automated code corrections. This is the primary stated purpose of the skill and does not involve arbitrary command injection.
- [Indirect Prompt Injection] (LOW): The skill processes linter output which may contain snippets from external source code. While this presents a surface for indirect injection (e.g., instructions hidden in comments), the risk is mitigated by the specific context of linting and is a necessary part of the code-fixing workflow.
  - Ingestion points: Lint output from local files.
  - Boundary markers: None explicitly defined in instructions.
  - Capability inventory: File modification and command execution (`metta lint`).
  - Sanitization: Relies on the agent's internal logic for manual code fixes.
Audit Metadata