
create-module

Pass

Audited by Gen Agent Trust Hub on Mar 29, 2026

Risk Level: SAFE
Finding category: PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection and path traversal through the use of the $ARGUMENTS variable.
  • Ingestion points: The <module-name> argument is directly interpolated into the file system path apps/core/src/modules/<module-name>/.
  • Boundary markers: None. The instructions do not specify delimiters or constraints for the user-supplied module name.
  • Capability inventory: The skill instructs the agent to create multiple new files (module, controller, service, model, schema) and perform file-write operations to register these modules in app.module.ts and database.models.ts.
  • Sanitization: Absent. There are no instructions for the agent to validate that the module name does not contain traversal sequences like ../ or restricted characters.
  • Risk: An attacker could supply a module name containing path traversal sequences (such as ../) to trick the agent into writing boilerplate code into arbitrary or sensitive directories outside the intended modules folder.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 29, 2026, 08:50 AM