development-ai-tools
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGHPROMPT_INJECTION
Full Analysis
- PROMPT_INJECTION (HIGH): The skill implements a 'Reference System' that mandates the agent use external files (
references/patterns.md,references/sharp_edges.md,references/validations.md) as the absolute source of truth for code generation and validation. - Ingestion points: Multiple files in the
references/directory are loaded into the agent's context at runtime. - Boundary markers: Absent. There are no instructions to sanitize these inputs or ignore instructions embedded within them; in fact, the agent is told to 'Ignore generic approaches' in favor of these files.
- Capability inventory: The skill is capable of 'full application generation' and 'code generation', which are high-privilege operations.
- Sanitization: None present. If the reference files are compromised or contain adversarial instructions, they can manipulate the agent into generating malicious software or disregarding its core safety filters.
Recommendations
- AI detected serious security threats
Audit Metadata