gradle-build-performance
Fail
Audited by Gen Agent Trust Hub on Feb 15, 2026
Risk Level: HIGHCOMMAND_EXECUTIONPROMPT_INJECTIONDATA_EXFILTRATION
Full Analysis
- [PROMPT_INJECTION] (HIGH): The skill creates a high-risk surface for indirect prompt injection by having the agent process untrusted external data (build logs and scan results) while having the capability to execute commands. \n
- Ingestion points: Build stdout/stderr and scan report data (SKILL.md).\n
- Boundary markers: Absent; there are no instructions to help the agent distinguish between build output and commands.\n
- Capability inventory: Shell execution via
./gradlew(SKILL.md).\n - Sanitization: None provided for the analyzed output.\n- [COMMAND_EXECUTION] (HIGH): The core workflow requires the agent to run
./gradlewcommands. This capability is dangerous if the agent's logic is compromised by malicious logs or project configurations.\n- [DATA_EXFILTRATION] (LOW): The--scandiagnostic uploads build metadata, including environment details and dependencies, toscans.gradle.com. Users should be aware of this data exposure.\n- [CREDENTIALS_SAFE] (INFO): The configuration for remote build caches correctly uses environment variables (System.getenv) rather than hardcoded credentials.
Recommendations
- AI detected serious security threats
Audit Metadata