core-coder

Pass

Audited by Gen Agent Trust Hub on Feb 20, 2026

Risk Level: SAFE | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
  • [Indirect Prompt Injection] (LOW): The skill ingests external data through the $TASK variable and researcher findings. While it uses this data for instruction, it lacks explicit boundary markers (e.g., XML tags or delimiters) to differentiate between instructions and untrusted data.
      • Ingestion points: $TASK environment variable in hooks; 'researcher findings' mentioned in coordination.
      • Boundary markers: Absent.
      • Capability inventory: Access to Bash, Write, Edit, Read tools.
      • Sanitization: None detected.
  • [Command Execution] (LOW): The skill is configured with the Bash tool and uses shell commands in its pre and post hooks. Specifically, the post hook executes npm run lint. While this is standard behavior for a coding agent, it allows the execution of arbitrary scripts defined in a local package.json file. This risk is downgraded to LOW as it is a core part of the skill's primary function.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Feb 20, 2026, 03:40 PM