backend-golang

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGH (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • [COMMAND_EXECUTION] (HIGH): The skill is explicitly granted 'Bash' tool access. This allows the agent to execute any shell command on the host environment, which can be exploited if the agent's logic is subverted.
  • [PROMPT_INJECTION] (HIGH): Vulnerable to Indirect Prompt Injection (Category 8). Evidence:
      1. Ingestion points: Reads external project data via 'Read', 'Glob', and 'Grep'.
      2. Boundary markers: None defined to separate untrusted file content from agent instructions.
      3. Capability inventory: High-risk tools include 'Bash', 'Write', and 'Edit'.
      4. Sanitization: No sanitization of ingested code content.
    A malicious actor could embed instructions in Go comments or strings that trick the agent into using 'Bash' to exfiltrate data or 'Write' to create backdoors.
  • [DATA_EXFILTRATION] (MEDIUM): The combination of 'Read' access and 'Bash' (which can invoke network tools like curl or wget) creates a pathway for exfiltrating sensitive project information or environment secrets if the agent is manipulated by external content.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Feb 16, 2026, 08:54 AM