service-agent
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes standard Rails development commands including
bundle exec rspecfor testing,bundle exec rubocopfor linting, andbin/rails consolefor verification. These commands are typical for the described workflow and are restricted to the local environment. - [SAFE]: The skill and its associated documentation follow industry-standard patterns for Ruby on Rails development. There are no detections of credential theft, obfuscation, or unauthorized external communications.
- [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection by processing external project files to generate code. Ingestion points: Project source code including models, queries, and jobs. Boundary markers: None defined in the skill instructions. Capability inventory: Ability to create and modify Ruby files in the
app/services/directory and execute shell commands viabundle exec. Sanitization: Code examples demonstrate defensive practices such as the use of strong parameters and explicit authorization guards.
Audit Metadata