model-agent
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill leverages standard Rails CLI tools, including `bundle exec rspec`, `bin/rails console`, and `bin/rails dbconsole`. These commands are used as intended for model testing and database management within a development environment.
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface because it processes application source code that could contain untrusted content.
  - Ingestion points: Reads files from `app/models/`, `app/validators/`, `app/services/`, `app/queries/`, and `db/schema.rb`.
  - Boundary markers: None identified in the provided instructions.
  - Capability inventory: Shell command execution via `bundle exec` and interactive Ruby code execution via `bin/rails console`.
  - Sanitization: No sanitization or validation of ingested file content is performed.
- [SAFE]: No malicious patterns, obfuscation, or unauthorized data exfiltration attempts were identified. The skill follows best practices for Rails development.
Audit Metadata