senior-fullstack

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGH | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION] (HIGH): The skill documentation requires the agent to execute local scripts (scripts/project_scaffolder.py and scripts/code_quality_analyzer.py) via the python command. Since these scripts are provided by an untrusted third-party author ('alirezarezvani') and were not included in the analysis package, their behavior is unknown and could include malicious system-level operations.
  • [PROMPT_INJECTION] (HIGH): The skill is highly vulnerable to Indirect Prompt Injection (Category 8).
      • Ingestion points: Any file within the project_path provided to the code_quality_analyzer.py tool.
      • Boundary markers: None identified. The agent is instructed to process the tool's output directly.
      • Capability inventory: The skill reads file content and produces a summary that influences the agent's next steps (e.g., 'Address P0 issues immediately'). This allows an attacker to hide instructions in a codebase that the agent may interpret as authoritative security recommendations.
      • Sanitization: None mentioned. The skill lacks mechanisms to distinguish between code content and malicious natural language instructions embedded within that code.
Recommendations
  • AI detected serious security threats
Audit Metadata
  • Risk Level: HIGH
  • Analyzed: Feb 16, 2026, 02:54 PM