vibe-manifest-generator
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: Indirect prompt injection surface detected. The skill generates core instructions for AI agents by analyzing and extracting data from project files that may be under attacker control.
- Ingestion points: The Project Analysis phase in SKILL.md extracts information from package.json, README.md, and scripts.
- Boundary markers: The skill does not generate files with protective delimiters or instructions to ignore embedded commands within the extracted project data.
- Capability inventory: Manifest templates like AGENTS.md.example promote the use of high-capability tools including the shell subagent and GitHub CLI for PR management.
- Sanitization: There is no evidence of sanitization or filtering of the extracted project metadata before it is written into the CLAUDE.md and .cursorrules files.
Audit Metadata