project-implementation

Pass

Audited by Gen Agent Trust Hub on Feb 25, 2026

Risk Level: SAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill is designed to execute local development commands, including running test suites (e.g., npm run test, pytest, bundle exec rspec) and performing version control actions (git add, git commit). These actions are the primary intended function of the skill to ensure implementation correctness and maintain project history.
  • [PROMPT_INJECTION]: The skill reads and processes all markdown files within a docs/ directory to derive its implementation tasks. This creates a surface for indirect prompt injection, as the agent may follow instructions embedded within those documentation files.
    • Ingestion points: All files matching the docs/*.md pattern.
    • Boundary markers: No specific delimiters or security instructions are provided to the agent to distinguish between project documentation and executable instructions.
    • Capability inventory: The skill has permissions to read/write files, execute testing commands in the shell, and make Git commits.
    • Sanitization: The skill does not perform any sanitization or validation of the documentation content before interpreting it for the implementation loop.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 25, 2026, 07:50 PM