typescript
Fail
Audited by Gen Agent Trust Hub on Feb 15, 2026
Risk Level: HIGHPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- Indirect Prompt Injection (HIGH): The skill presents a high vulnerability surface for indirect prompt injection by combining external data ingestion with broad write and execution capabilities. 1. Ingestion points: Processes existing .ts and .tsx files using Read, Glob, and Grep tools. 2. Boundary markers: None present to distinguish data from instructions. 3. Capability inventory: Requests access to Bash, Write, Edit, Task, WebFetch, and WebSearch tools in the metadata. 4. Sanitization: No sanitization or validation of the ingested code content is performed before processing.
- Command Execution (MEDIUM): The metadata requests access to 'Bash' and 'Task' tools, which exceeds the requirements for implementing TypeScript patterns and poses an unnecessary risk of shell command execution.
Recommendations
- AI detected serious security threats
Audit Metadata