get-qodo-rules
Pass
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: SAFE
Findings: CREDENTIALS_UNSAFE, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill implements an indirect prompt injection surface by ingesting rules from an external API and instructing the agent to treat "ERROR" level rules as non-negotiable constraints during code tasks.
- Ingestion points: Rules are fetched from the Qodo platform API (references/pagination.md).
- Boundary markers: Fetched rules are presented under structured headers like "# ᄒ Qodo Rules Loaded" (references/output-format.md).
- Capability inventory: Uses Bash for environment checks and influences all subsequent code generation, modification, and review tasks.
- Sanitization: There is no specified validation or sanitization for the rule descriptions retrieved from the remote API.
- [CREDENTIALS_UNSAFE]: Accesses an API key stored in the ~/.qodo/config.json configuration file to authenticate requests to the Qodo platform.
- [DATA_EXFILTRATION]: Extracts repository and organization identity from git remote URLs and transmits this metadata to an external endpoint to query for relevant coding rules.
Audit Metadata