code-development

Pass

Audited by Gen Agent Trust Hub on Mar 15, 2026

Risk Level: SAFE | PROMPT_INJECTION | COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection as it ingests untrusted data from multiple documentation sources to guide its code generation and command execution.
      • Ingestion points: Reads program-design-{id}.md, task-breakdown-{id}.md, and unit-testing-{id}.md as specified in SKILL.md.
      • Boundary markers: None identified in the prompt templates to distinguish between instructions and data.
      • Capability inventory: The skill has broad capabilities including Bash(*), Write, and Read (defined in SKILL.md).
      • Sanitization: No sanitization or validation of the ingested documentation content is performed before use.
  • [COMMAND_EXECUTION]: The skill provides templates for executing arbitrary shell commands via Bash(*) to run tests and linters.
      • Evidence: templates/development-checklist.md contains command references for ./gradlew test, mvn test, pytest, and npm test.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 15, 2026, 02:20 PM