zig-sdl3-bindings
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill documentation references an external repository for its core dependency at git+https://codeberg.org/7Games/zig-sdl3. This reference is standard for the skill's purpose.
- [COMMAND_EXECUTION]: The skill provides an API (sdl3.Process) to spawn and interact with external system processes, as demonstrated in the references/system-platform.md documentation.
- [DATA_EXFILTRATION]: The skill documents capabilities to read and write files across the system (sdl3.filesystem), access sensitive folders such as the user home directory, interact with the system clipboard (sdl3.clipboard), and perform network communications (sdl3.net).
- [PROMPT_INJECTION]: The skill describes an attack surface for indirect prompt injection due to its ability to ingest untrusted data from various sources and perform privileged system operations.
- Ingestion points: Data can enter the agent context via the clipboard (references/clipboard.md), network sockets (references/net.md), and file reading operations (references/filesystem-io.md).
- Boundary markers: The provided code patterns do not include specific delimiters or instructions to ignore embedded commands in processed data.
- Capability inventory: The skill facilitates subprocess execution, file system modification, and network egress.
- Sanitization: The reference patterns do not demonstrate explicit sanitization of input data before it is used in logic or system calls.
Audit Metadata