rails-controller
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [SAFE]: The skill is a code generation template for standard Rails components and does not contain malicious code, hidden URLs, or unauthorized data access patterns.
- [COMMAND_EXECUTION]: The skill allows the execution of 'bundle exec rspec', which is a legitimate command for running Ruby on Rails test suites to verify implementation.
- [PROMPT_INJECTION]: The skill accepts user input to define resource names and controller logic, which is the intended functionality.
  - Ingestion points: User instructions for creating new controllers or actions.
  - Boundary markers: Absent within the code templates.
  - Capability inventory: File write/edit tools and restricted bash execution for tests.
  - Sanitization: The templates do not implement specific sanitization for user-provided identifiers.
Audit Metadata