gamedev-expert
Pass
Audited by Gen Agent Trust Hub on Apr 27, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill defines a mandatory 'Memory Protocol' that requires the agent to execute a shell command (
cat .claude/context/memory/learnings.md) to read internal session history. While intended for context maintenance, this involves direct execution of commands on system-internal files. - [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection through the following surface:
- Ingestion points: The skill reviews external source code files (DragonRuby, Ruby, Unity) for architectural and style compliance.
- Boundary markers: No delimiters or instructions to disregard embedded directives in processed data are provided.
- Capability inventory: The skill's allowed tools include
Bash,Write,Edit,Read,Grep, andGlob, enabling extensive filesystem and command-line operations if malicious instructions are encountered in user-provided code. - Sanitization: No input validation or filtering is performed on the content being reviewed.
Audit Metadata