init
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill demonstrates an indirect prompt injection surface by analyzing project content to drive template generation.
- Ingestion points: The skill reads local project files (e.g., code, manifests) during the 'Detect Project Type' phase.
- Boundary markers: No explicit delimiters or instructions are provided to the agent to ignore potential instructions embedded in the analyzed project data.
- Capability inventory: The skill is capable of generating and writing critical infrastructure files, including Dockerfile and compose.yaml.
- Sanitization: Project data is not sanitized or validated before being used to influence the generated configuration output.
Audit Metadata