service-class-conventions
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill specifies a 'Memory Protocol' in the SKILL.md file that directs the agent to execute the shell command `cat .claude/context/memory/learnings.md` to retrieve stored context.
- [PROMPT_INJECTION]: The skill processes untrusted content from local Java files and a memory file, creating an attack surface for indirect prompt injection where malicious instructions could attempt to influence the agent's behavior.
  - Ingestion points: Java source files targeted by the glob `**/src/main/java/com/example/services/*.java` and the memory file located at `.claude/context/memory/learnings.md`.
  - Boundary markers: There are no specific delimiters or instructional barriers defined to prevent the agent from obeying instructions found within the analyzed files.
  - Capability inventory: The agent is equipped with `Read`, `Write`, and `Edit` tools, allowing it to modify the file system based on processed input.
  - Sanitization: No evidence of data sanitization, validation, or escaping logic was found in the skill configuration.
Audit Metadata