skills/mindfold-ai/trellis/improve-ut/Gen Agent Trust Hub

improve-ut

Pass

Audited by Gen Agent Trust Hub on Mar 21, 2026

Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes a local Python script at ./.trellis/scripts/get_context.py to discover project packages and spec layers. It also invokes standard development tools including git diff, pnpm lint, pnpm typecheck, and pnpm test during its execution flow.
  • [PROMPT_INJECTION]: The skill implements an indirect prompt injection surface by consuming unit-test specification files (e.g., index.md, conventions.md, integration-patterns.md) as a 'Source of Truth'. Malicious instructions embedded in these files could override agent behavior.
    • Ingestion points: Markdown files located within dynamically discovered unit-test/ directories.
    • Boundary markers: None. The skill explicitly states that if instructions conflict, the external specs 'win'.
    • Capability inventory: Shell command execution (python3, pnpm, git).
    • Sanitization: No sanitization or verification of the ingested specification content is performed before processing.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 21, 2026, 06:57 PM