sc-implement

Warn

Audited by Gen Agent Trust Hub on Mar 2, 2026

Risk Level: MEDIUM
Findings: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The scripts/run_tests.py script uses subprocess.run to execute testing frameworks (pytest, jest, vitest) selected according to the detected project environment, which allows local code execution.
  • [COMMAND_EXECUTION]: Both scripts/skill_learn.py and scripts/loop_entry.py use dynamic loading techniques, including importlib.util.spec_from_file_location and sys.path modification via Path(__file__).parents[4], to load project-level modules from computed paths.
  • [PROMPT_INJECTION]: The skill processes external feature descriptions and codebase data, presenting an indirect prompt injection surface.
    • Ingestion points: Task descriptions, existing repository files, and test results via scripts/run_tests.py.
    • Boundary markers: Does not implement explicit delimiters or 'ignore' instructions when interpolating external task data into agent prompts.
    • Capability inventory: Includes command execution via subprocess, file system manipulation (write/delete), and behavior persistence.
    • Sanitization: Employs yaml.safe_load for internal agent metadata but lacks comprehensive input validation for user-provided task descriptions.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Mar 2, 2026, 02:34 AM