Skills
skills/sien75/graphicode-skills/graphicode-junior-engineer-ts-flow/Gen Agent Trust Hub

graphicode-junior-engineer-ts-flow

Pass

Audited by Gen Agent Trust Hub on Mar 14, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes cat to read README configuration files and echo to write generated TypeScript code to the local filesystem within project directories.\n- [PROMPT_INJECTION]: The skill includes instructions to override standard agent communication behavior by requiring the response 'mission complete' upon task conclusion, which suppresses detailed feedback and explanation.\n- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection. 1. Ingestion points: The skill reads configuration data from ./<flowDir>/<flowId>/README.md. 2. Boundary markers: There are no explicit delimiters or instructions to ignore natural language commands embedded within the README files. 3. Capability inventory: The skill has the capability to write arbitrary TypeScript code to the filesystem. 4. Sanitization: There is no validation or sanitization of the README content before it influences the generated source code.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 14, 2026, 07:33 AM