apex-replatform
Warn
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: MEDIUM
COMMAND_EXECUTION, REMOTE_CODE_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The validation scripts use unsafe methods to execute commands defined in the target codebase's configuration files.
  - Evidence: `scripts/validate.sh` uses `eval "$cmd"` to execute strings parsed from `package.json`.
  - Evidence: `scripts/validate.ps1` uses `Invoke-Expression $Command` to execute strings parsed from `package.json`.
- [PROMPT_INJECTION]: The skill processes untrusted external data (feature specifications and project configurations) which can influence the agent's behavior or trigger unintended actions.
  - Ingestion points: Specification files located at `specs/{feature-name}.md` and project manifest files like `package.json`.
  - Boundary markers: None; the skill reads and interprets the specification content as a 'single source of truth' without delimiters.
  - Capability inventory: Access to system shell (`bash`, `powershell`), package managers (`npm`, `npx`, `go`, `cargo`), and file system write operations.
  - Sanitization: No sanitization or validation is performed on the command strings extracted from project configuration files before execution.
Audit Metadata