finalize
Pass
Audited by Gen Agent Trust Hub on Apr 15, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill functions as a procedural guide for development workflows. It instructs the agent to execute standard linting and formatting tools (e.g., eslint, prettier, ruff, black) and run test suites expected to be found within a project's existing environment.
- [PROMPT_INJECTION]: The skill relies on information retrieved from project-specific files like
CLAUDE.md,package.json, andGemfileto determine which commands to execute. This constitutes an indirect prompt injection surface where a maliciously modified project file could attempt to influence the agent's actions during the finalization process. - Ingestion points:
CLAUDE.md,package.json,Gemfile(referenced in SKILL.md) - Boundary markers: Absent
- Capability inventory: Subprocess execution (linting/testing) and file system writes (fixing code issues)
- Sanitization: Absent
Audit Metadata