effect-ts
Pass
Audited by Gen Agent Trust Hub on Mar 2, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill provides instructions to clone the official Effect-TS source code to a local directory (~/.effect) using git clone if it is missing, which is a functional requirement for the agent to provide accurate implementation details and navigate core logic.- [EXTERNAL_DOWNLOADS]: Fetches source code from the official Effect-TS GitHub repository (github.com/Effect-TS/effect) to serve as a local reference for the agent when analyzing complex types or library behaviors.- [PROMPT_INJECTION]: The skill processes project-specific codebase patterns and library source code, which constitutes an indirect prompt injection surface.
- Ingestion points: Reads code from the ~/.effect directory and the current project files.
- Boundary markers: No explicit markers or 'ignore embedded instructions' warnings are implemented for processed data.
- Capability inventory: Executing shell commands (git clone) and spawning research sub-agents via the Task tool.
- Sanitization: No specific sanitization or filtering is applied to the analyzed code content.
Audit Metadata