veld-config
Pass
Audited by Gen Agent Trust Hub on Mar 20, 2026
Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill provides instructions for an agent to write configuration files that contain shell commands (e.g., docker, npm, cargo) for orchestrating local services.
- [PROMPT_INJECTION]: The skill creates a surface for indirect prompt injection by defining how to interpolate user-provided data into executable command strings.
  - Ingestion points: User prompts or project files describing configuration needs.
  - Boundary markers: The instructions lack specific delimiters or warnings to ignore instructions embedded in the input data.
  - Capability inventory: Resulting configurations are designed for shell execution.
  - Sanitization: No input validation or sanitization requirements are specified for the agent.
Audit Metadata