disciplined-implementation
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGH
PROMPT_INJECTION
COMMAND_EXECUTION
Full Analysis
- [Indirect Prompt Injection] (HIGH): The skill processes untrusted external data from Phase 2 Implementation Plans and Phase 2.5 Interview Findings. It uses this content to generate executable code and tests without specified boundary markers or sanitization.
- [Command Execution] (HIGH): The agent is instructed to run cargo test, cargo audit, and cargo tarpaulin. These commands execute the code generated by the agent on the local system. An attacker can inject malicious logic into the implementation plan that executes during the test or audit phase.
- [Dynamic Execution] (MEDIUM): The workflow involves runtime generation, compilation, and execution of Rust code based on instructions derived from external documents, which is a significant attack surface.
Recommendations
- AI detected serious security threats
Audit Metadata