scaffold
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill is granted access to the
Bashtool to facilitate the scaffolding process. No specific malicious command strings were found within the skill's instructions. - [PROMPT_INJECTION]: The skill analyzes untrusted local project files to match coding conventions, which creates a surface for indirect prompt injection.
- Ingestion points: The skill reads file contents from the local environment using
Read,Grep, andGlob, targeting files like.cs,.tsx,.json, and.yml. - Boundary markers: There are no explicit instructions or delimiters defined to prevent the agent from obeying instructions that might be embedded within the project files it reads.
- Capability inventory: The skill has access to powerful tools including
Write,Edit, andBash. - Sanitization: There is no evidence of sanitization or validation of the data read from the local environment before it is used in code generation or tool calls.
Audit Metadata