fix-it-never-work-around-it
Pass
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- Prompt Injection (LOW): The skill uses authoritative 'Critical Rules' and emoji markers (🚨) to override standard agent heuristic and safety logic regarding 'helpfulness'. It explicitly commands the agent to ignore its own intuition to be helpful if a prescribed process fails.
- Indirect Prompt Injection (LOW): The skill establishes a mandatory reactive loop based on external data (tool failures/logs).
- Ingestion points: Tool outputs and build logs as seen in the 'Anti-patterns' section (SKILL.md).
- Boundary markers: None; the agent does not use delimiters to isolate tool output from instruction context.
- Capability inventory: The agent is expected to execute bash commands and modify source code to 'fix the root cause'.
- Sanitization: No validation or sanitization of tool error messages is performed before the agent acts on the 'failure'. An attacker who can trigger a specific error message could potentially influence the agent's 'fixing' actions.
Audit Metadata