code-examples-sync
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill provides instructions to execute shell commands for code verification purposes. Evidence includes commands listed in references/verification.md such as 'npm run docs:test-examples', 'python -m doctest docs/', 'cargo test --doc', and 'go test -run=Doc'.
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface because it ingest and processes untrusted code snippets. 1. Ingestion points: Code snippets from documentation as referenced in SKILL.md. 2. Boundary markers: Absent; there are no instructions to the agent to treat snippet content as data or to ignore instructions within them. 3. Capability inventory: Execution of code via multiple build and test tools as defined in references/verification.md. 4. Sanitization: Absent; the skill does not include steps to validate or sanitize the snippets before they are verified or synchronized.
Audit Metadata