Skills
skills/paulkinlan/co-do/type-design-analyzer/Gen Agent Trust Hub

type-design-analyzer

Pass

Audited by Gen Agent Trust Hub on Feb 28, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it is designed to process untrusted data.
  • Ingestion points: The skill uses Read, Glob, and Grep tools to ingest content from local files and pull requests for analysis.
  • Boundary markers: None. The instructions do not specify delimiters or provide guidance to the agent to ignore instructions embedded within the code being analyzed.
  • Capability inventory: The agent has access to Bash and TodoWrite tools, which could be leveraged if an injection attack succeeds.
  • Sanitization: None. There is no mechanism described to sanitize or validate the content of the analyzed files before processing.
  • [COMMAND_EXECUTION]: The skill explicitly allows the use of the Bash tool.
  • While the skill itself does not contain malicious commands, the presence of the Bash tool combined with the ingestion of untrusted external code creates a risk surface where a maliciously crafted code comment could attempt to execute arbitrary commands.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 28, 2026, 11:35 PM