fix-onboarding
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill relies on output from another tool (
/check-onboarding) to determine its actions. - Ingestion points: Input data enters the agent context from the
/check-onboardingcommand. - Boundary markers: No specific delimiters or instructions are used to isolate the data from the
/check-onboardingoutput. - Capability inventory: The skill can write files (e.g.,
app/onboarding/page.tsx,middleware.ts) and execute shell commands (git checkout,npm testequivalents). - Sanitization: No explicit sanitization or validation of the input data is performed before it is used to determine which UI templates to apply.
- [Dynamic Execution] (LOW): The skill generates and writes executable code (TypeScript/React) to the local filesystem. This is the primary function of the skill and uses predefined, safe templates.
- [Command Execution] (LOW): Uses shell commands for git branching (
git checkout -b) and suggests verification commands. These are restricted to standard development workflows.
Audit Metadata