Command Development
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- Prompt Injection (LOW): The skill documentation describes a framework for interpolating untrusted user data into agent prompts through arguments ($1, $ARGUMENTS) and file references (@path).
  - Ingestion points: Arguments ($1, $2) and file content references (@) are interpolated directly into command prompts across all examples in examples/simple-commands.md.
  - Boundary markers: Examples largely lack explicit delimiters (like XML tags or clear separators) to isolate user-provided arguments from the command's instructions.
  - Capability inventory: The documented system supports high-privilege capabilities including file modification (Write, Edit) and arbitrary command execution via Bash (e.g., npm, kubectl, git).
  - Sanitization: While the README.md mentions "Validation patterns" as an enhancement, the provided references and examples do not include specific sanitization logic for user-provided strings before interpolation.
Audit Metadata