backend-security-coder

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE

PROMPT_INJECTION
Full Analysis
  • Indirect Prompt Injection (LOW): The skill is designed to ingest and analyze user-provided code for security reviews, which establishes a surface for indirect prompt injection.
    • Ingestion points: User-provided code snippets, configuration details, and API endpoint descriptions (e.g., 'Review this API endpoint').
    • Boundary markers: Absent; the instructions do not define delimiters (such as XML tags or triple backticks) to separate untrusted user data from the agent's core instructions.
    • Capability inventory: None; the skill definition (SKILL.md) provides textual advice and instructions but does not include scripts, tools, or executable capabilities that could be exploited.
    • Sanitization: Absent; no instructions are provided to the agent to validate or escape inputs before analysis.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 05:34 PM