dev-crud
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection through its ingestion of external document content used to guide code generation.\n
- Ingestion points: The skill reads project design documents and technical analysis files from the
/projectdocs/design/directory.\n - Boundary markers: Absent; there are no instructions to the model to treat the content of these files as untrusted data or to ignore embedded instructions.\n
- Capability inventory: The skill generates complex source code across multiple layers (Entity, DAO, Service, Controller, DTO) for various technology stacks (Java, Go, Python, Node.js).\n
- Sanitization: Absent; the skill does not specify any validation, escaping, or sanitization logic for the content within the ingested documents.\n- [NO_CODE]: This skill consists entirely of markdown instructions and metadata for the AI agent, with no accompanying executable scripts or binary files.
Audit Metadata