get-qodo-rules
Pass
Audited by Gen Agent Trust Hub on Feb 19, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill fetches external data from
qodo-platform.qodo.aiwhich is then presented as mandatory instructions for the agent. - Ingestion points: Data is fetched via
urllib.requestinscripts/fetch-qodo-rules.pyand printed to the agent's context. - Boundary markers: While the output uses Markdown headers (e.g.,
# 📋 Qodo Rules Loaded), it lacks explicit instructions telling the agent to treat the fetched content as untrusted data or to ignore any embedded behavioral overrides. - Capability inventory: The agent is granted
BashandReadpermissions and is triggered during high-integrity tasks like code refactoring and bug fixing. - Sanitization: The script performs no sanitization or validation of the rule descriptions before outputting them, allowing potential instructions within rules to influence agent behavior.
Audit Metadata