Skills
skills/oimiragieo/agent-studio/code-style-validator/Gen Agent Trust Hub

code-style-validator

Warn

Audited by Gen Agent Trust Hub on Mar 3, 2026

Risk Level: MEDIUMCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The script scripts/main.cjs uses child_process.spawn to execute a JavaScript file from a computed path within the repository.
  • Evidence: The script at scripts/main.cjs (lines 65-69) invokes spawn(process.execPath, [securityLintPath, ...args], ...) where securityLintPath points to .claude/tools/cli/security-lint.cjs. This file is not included in the provided skill bundle, rendering its behavior unverifiable.
  • [PROMPT_INJECTION]: The skill processes untrusted source code from the user's environment, presenting an indirect prompt injection surface.
  • Ingestion points: The skill's documented process and code examples in SKILL.md utilize fs.readFileSync and ast.parse to ingest and process the content of external files.
  • Boundary markers: No delimiters or safety instructions are defined to prevent the agent from obeying instructions embedded within the analyzed code files.
  • Capability inventory: The skill possesses extensive capabilities, including Read, Grep, Bash, and Glob tools, as well as the ability to spawn subprocesses.
  • Sanitization: There is no evidence of input validation or sanitization of the code content before it is processed by the AST parsers.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Mar 3, 2026, 02:04 PM