Dev Hub Command Center
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill has an indirect prompt injection attack surface because it ingests and processes untrusted data from multiple sources.
  - Ingestion points: The skill reads external data via the 'user_description' input and the 'list_comments' tool, and parses user-provided code context such as error logs and TODOs.
  - Boundary markers: There are no instructions to use delimiters or ignore instructions when processing these external data sources.
  - Capability inventory: The skill has the ability to write back to the system using 'create_task', 'update_task', and 'create_comment' tools.
  - Sanitization: The skill does not specify any sanitization or validation logic for the external content it processes.