Gear
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: References installation scripts and GitHub Actions from trusted and well-known providers like bun.sh, Astral, and Gitleaks.
- [COMMAND_EXECUTION]: Executes shell commands via package managers (pnpm, uv, cargo) and Docker to manage project builds and environments.
- [PROMPT_INJECTION]: The skill exposes an attack surface for indirect prompt injection because it processes untrusted project data.
  - Ingestion points: Reads package.json, Dockerfiles, and CI workflows.
  - Boundary markers: Mentions the use of _common/BOUNDARIES.md to define role constraints.
  - Capability inventory: Capable of file writing and command execution using pnpm and Docker CLI across reference files.
  - Sanitization: No explicit input sanitization or validation of project file content is documented in the references.
Audit Metadata