source-driven-development
Pass
Audited by Gen Agent Trust Hub on Apr 20, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill utilizes the WebFetch tool to retrieve information from highly reputable and well-known official documentation sites, such as react.dev, learn.microsoft.com, and developer.mozilla.org. This practice is documented neutrally as it targets trusted sources to improve implementation accuracy.
- [PROMPT_INJECTION]: Analysis identified a potential indirect prompt injection surface where external content is ingested into the agent context via documentation fetching.
  - Ingestion points: The WebFetch tool in SKILL.md Phase 2 retrieves content from external URLs listed in detect-stack.md.
  - Boundary markers: SKILL.md Phase 2/3 classifies fetched content as 'L4 Verify-first' and instructs the agent to perform cross-checks before implementation.
  - Capability inventory: SKILL.md Phase 3 empowers the agent to modify project source code based on the fetched data.
  - Sanitization: The protocol in SKILL.md Phase 2/3 mandates verification against local code and tests (L3) and explicitly bans high-risk community sources like Stack Overflow or personal blogs to reduce the risk of ingesting malicious payloads disguised as code samples.