coding-agent
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFE (COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION)
Full Analysis
- [COMMAND_EXECUTION]: Executes coding agent CLI tools such as claude, codex, and gemini, along with utility commands like npx vitest and python3 -m json.tool, to automate development tasks.
- [EXTERNAL_DOWNLOADS]: Recommends installing official packages from trusted providers, including @anthropic-ai/claude-code and @openai/codex, via the npm registry.
- [PROMPT_INJECTION]: Potential for indirect prompt injection as the skill processes local codebase files which could contain malicious instructions.
  - Ingestion points: Files within the project source directories (e.g., src/) are read and processed by the sub-agents (SKILL.md).
  - Boundary markers: Lacks explicit delimiters or instructions for sub-agents to ignore commands embedded in source code comments or strings.
  - Capability inventory: The skill has the capability to spawn background processes and execute commands through the invoked CLI tools (SKILL.md).
  - Sanitization: No evidence of sanitization or filtering of the content being passed to the sub-agents for analysis or refactoring.
Audit Metadata