java-spring-boot
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill provides an attack surface for indirect injection by processing untrusted user tasks while possessing high-privilege tool access.
- Ingestion points: User tasks passed via prompt or CLI mentioned in
references/GUIDE.md(e.g., `claude "java-spring-boot - [your task description]"`).
- Boundary markers: Absent; no explicit delimiters or instructions to ignore embedded commands are defined in the sample prompts.
- Capability inventory: The skill is granted
BashandWritepermissions inSKILL.md, allowing it to create files and execute commands. - Sanitization: No explicit sanitization or input validation of the natural language task description is implemented before it influences tool usage.
- [Unverifiable Dependencies] (SAFE): The
scripts/validate.pyscript uses standard libraries andPyYAML. No remote code execution or piped bash scripts from external URLs were detected. - [Data Exposure & Exfiltration] (SAFE): No hardcoded credentials, sensitive file path access, or unauthorized network calls were found. The skill configuration uses placeholders and environment variables.
- [Obfuscation] (SAFE): No evidence of Base64 encoding, zero-width characters, or homoglyph-based evasion was found in any of the files.
Audit Metadata