Skills
skills/oimiragieo/agent-studio/vercel-ai-sdk-best-practices/Gen Agent Trust Hub

vercel-ai-sdk-best-practices

Pass

Audited by Gen Agent Trust Hub on Mar 3, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to execute a shell command to maintain session context.
  • Evidence: The 'Memory Protocol' section in SKILL.md explicitly directs the agent to run cat .claude/context/memory/learnings.md before starting a task.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8) due to its operational model.
  • Ingestion points: The skill operates on and reviews code files matching the app/**/* glob configuration.
  • Boundary markers: Absent; there are no instructions or delimiters defined to ensure the agent ignores or sanitizes instructions that might be embedded in the files being reviewed.
  • Capability inventory: The skill utilizes Read, Write, and Edit tools, and includes instructions for shell command execution.
  • Sanitization: Absent; no validation, escaping, or filtering mechanisms are described for the content ingested from the target application files.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 3, 2026, 07:48 AM