vibe-coding
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- Prompt Injection (SAFE): The skill focuses on legitimate task orchestration. No bypass markers, jailbreak attempts, or system prompt extraction patterns were found.
- Data Exposure & Exfiltration (SAFE): Explicit guardrails in references/CHECKLISTS.md and references/RUBRIC.md forbid requesting or storing secrets and credentials. No patterns for exfiltrating sensitive local files (e.g., ~/.ssh, .env) were observed.
- Obfuscation (SAFE): No Base64, zero-width characters, homoglyphs, or encoded commands were detected across any of the files.
- Command Execution & Remote Code Execution (SAFE): While the skill involves generating and running code, it enforces a 'least privilege' model and requires confirmation for risky actions. It does not contain pre-defined malicious remote script downloads.
- Indirect Prompt Injection (SAFE):
  - Ingestion points: User-provided "Prototype goal" and "Data/integrations" in SKILL.md.
  - Boundary markers: Prompt templates in references/TEMPLATES.md define structured interactions to separate intent from execution.
  - Capability inventory: File writing and command execution are performed during the "Scaffold" and "Iterate" steps.
  - Sanitization: The workflow requires manual verification and confirmation gates for risky operations.
- Dynamic Execution (SAFE): The skill's primary purpose is prototyping, which involves generating code from known templates. This behavior is expected and mitigated by strong safety instructions.