self-verification
Pass
Audited by Gen Agent Trust Hub on Mar 15, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill requests
allowed-tools: Bash(*), which permits the execution of arbitrary shell commands. This is intended for running tests and linters but provides significant control over the environment. - [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it reads and executes external project files.
- Ingestion points: Current project code and test files (SKILL.md).
- Boundary markers: None present.
- Capability inventory: Bash(*) tool is used to execute the ingested or associated test content.
- Sanitization: No evidence of validation or sandboxing of scripts before execution.
Audit Metadata