apex-tier3
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFE
COMMAND_EXECUTION
PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill invokes local validation scripts (validate.sh and validate.ps1) that execute ecosystem-specific tools like npm, npx, pytest, go, and cargo to verify project state.
- [COMMAND_EXECUTION]: The validation logic uses eval (Linux/Mac) and Invoke-Expression (Windows) to run commands constructed from project metadata. While these follow predefined templates, the execution is performed dynamically.
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by reading and acting upon data in project configuration files like package.json.
  - Ingestion points: Project metadata files (package.json, pyproject.toml, etc.) and directory structures accessed during validation.
  - Boundary markers: None identified; there are no explicit delimiters to isolate project-sourced data from the validation logic.
  - Capability inventory: Execution of shell commands and build processes through the validation scripts.
  - Sanitization: Relies on basic string matching and parsing (grep, ConvertFrom-Json) without strict input validation.
Audit Metadata