lint-fix-parallel
Warn
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: MEDIUM (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
- COMMAND_EXECUTION (MEDIUM): The skill executes a local bash script with interpolated arguments, which can be a vector for command injection.
  - Evidence: `SKILL.md` uses `!scripts/run-lint-typecheck.sh $ARGUMENTS`.
  - Risk: If the `$ARGUMENTS` variable contains shell metacharacters and the agent platform does not provide adequate sanitization, it could allow execution of arbitrary commands on the host.
- PROMPT_INJECTION (LOW): The skill is susceptible to indirect prompt injection via tool output processing.
  - Ingestion points: `scripts/run-lint-typecheck.sh` parses `eslint` and `tsc` outputs which are then passed to subagents in `SKILL.md`.
  - Boundary markers: Absent. No instructions are given to subagents to distinguish between valid instructions and potential instructions embedded in error messages.
  - Capability inventory: Subagents have `Edit`, `Bash`, and `Task` tools, allowing for significant impact if an injection is successful.
  - Sanitization: Absent. Tool outputs are used directly to guide agent actions.
  - Risk: Malicious code comments can manipulate linter outputs to trick subagents into performing unintended modifications or tool calls.
- RESOURCE_MANAGEMENT (LOW): The skill initiates one subagent per file in parallel, which can cause resource strain.
  - Evidence: Implementation rules in `SKILL.md` mandate simultaneous parallel execution for all problematic files.
  - Risk: In projects with many errors, this could lead to CPU/Memory exhaustion or API rate limiting.
Audit Metadata