Skills
skills/sien75/graphicode-skills/graphicode-start-ts-bun/Gen Agent Trust Hub

graphicode-start-ts-bun

Pass

Audited by Gen Agent Trust Hub on Mar 12, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses cat to read the project configuration from graphig.json and ls -d to identify directories for states and flows. These commands are used to gather data for code generation.
  • [PROMPT_INJECTION]: The skill displays an indirect prompt injection vulnerability surface through its code generation process.
  • Ingestion points: Data is ingested from the ./graphig.json file and through directory names retrieved from the file system using ls.
  • Boundary markers: The skill lacks any boundary markers or directives that isolate the ingested data from the TypeScript code template used to generate the launcher script.
  • Capability inventory: The skill is designed to write and update the <entryDir>/launcher.ts file, which is an executable part of the user's project environment.
  • Sanitization: There is no sanitization or validation of the configuration fields or directory names before they are interpolated into the launcher.ts file as imports and method calls, meaning a malicious project structure could inject unintended logic into the generated code.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 12, 2026, 05:04 AM