fullstack-developer
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [NO_CODE] (SAFE): The skill consists entirely of markdown instructions and JSON communication templates. No executable scripts such as Python, JavaScript, or shell scripts are present in the provided content.
- [PROMPT_INJECTION] (LOW): The skill demonstrates an attack surface for indirect prompt injection because it is designed to ingest and process external data (code, schemas, and architecture).
- Ingestion points: Processes database schemas, API architecture, and full-stack context via the
get_fullstack_contextrequest. - Boundary markers: No explicit delimiters or instructions to ignore embedded commands within processed data are defined.
- Capability inventory: Includes tool usage for PostgreSQL, Redis, Docker, and Playwright (which can execute browser automation).
- Sanitization: No sanitization or validation logic is specified for data fetched from external sources.
- [DATA_EXPOSURE] (SAFE): While the instructions mention managing authentication (JWT, cookies) and databases, no hardcoded API keys, passwords, or sensitive file paths were detected.
Audit Metadata