rsdoctor-analysis
Pass
Audited by Gen Agent Trust Hub on Apr 28, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface because it processes external data from a user-provided JSON file and has the capability to modify project files based on that data.
  - Ingestion points: Build data is loaded from `rsdoctor-data.json` and processed by the `scripts/rsdoctor.js` script to provide optimization insights.
  - Boundary markers: The skill defines a specific response format (High-Priority Issues, Reference Chain, Proposed Solutions, Next Deep-Dive Analysis) to structure the agent's output and minimize unintended behavior.
  - Capability inventory: The agent is authorized to update `package.json`, modify build configurations (e.g., `splitChunks`), and execute build commands (e.g., `npm run build`), with instructions to seek user confirmation first.
  - Sanitization: The skill lacks explicit sanitization of the content within the `rsdoctor-data.json` file before it is interpreted by the agent for generating recommendations.
Audit Metadata