fdd-architecture
Warn
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: MEDIUMCOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill includes two Node.js scripts,
analyze-migration.jsandscaffold-feature-move.js, which are designed to be executed locally. These scripts have the capability to read directories, create new folders, move files, and append content to files across the user's project structure. - [COMMAND_EXECUTION]: Multiple TypeScript template files located in
assets/feature-template/are encoded using UTF-16 Little Endian (with a Byte Order Mark). This encoding method obscures the file contents from simple text-search tools and security scanners that primarily check for UTF-8 or ASCII strings, effectively acting as a form of code obfuscation. - [DATA_EXFILTRATION]: The
scaffold-feature-move.jsscript lacks path sanitization for thefeatureNameandlayerarguments. This allows for potential path traversal, where a malicious or accidental input could move sensitive system files (e.g., credentials or configuration) into the project's source folders where they might be exposed or committed to version control. - [PROMPT_INJECTION]: The
analyze-migration.jsscript identifies a vulnerability surface for indirect prompt injection by processing untrusted file system data. - Ingestion points:
fs.readdirSyncandfs.readFileSyncinscripts/analyze-migration.jsingest file paths and names from the./srcdirectory. - Boundary markers: None. The script does not use delimiters or instructions to prevent the agent from interpreting filenames as instructions during the audit process.
- Capability inventory: The skill allows for file movement and file content modification via the accompanying
scaffold-feature-move.jsscript. - Sanitization: None. Filenames and paths are used directly in output reports and passed as arguments to the scaffolding script without validation or escaping.
Audit Metadata