restcontroller-conventions

Pass

Audited by Gen Agent Trust Hub on Mar 3, 2026

Risk Level: SAFE
Categories: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The SKILL.md file contains a 'Memory Protocol' that instructs the agent to execute the shell command 'cat .claude/context/memory/learnings.md' as a mandatory step. This establishes a pattern of executing system-level commands based on static instructions.
  • [PROMPT_INJECTION]: The skill utilizes authoritative directives like 'MANDATORY' and 'ASSUME INTERRUPTION' to control agent state and behavior. Additionally, the skill processes external Java files, which constitutes an attack surface for indirect prompt injection.
      1. Ingestion points: Java source files defined by the glob '**/src/main/java/com/example/controllers/*.java'.
      2. Boundary markers: The skill does not specify delimiters or instructions to ignore embedded prompts in reviewed code.
      3. Capability inventory: The agent is provided with Read, Write, and Edit tools, alongside the demonstrated ability to execute shell commands.
      4. Sanitization: No content validation or sanitization logic is present for external file content.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 3, 2026, 02:59 AM