secure-coding-generate
Warn
Audited by Gen Agent Trust Hub on Feb 14, 2026
Risk Level: MEDIUMPROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (MEDIUM): The skill processes untrusted user-provided 'code descriptions' to determine security logic. This surface allows an attacker to inject instructions that bypass security rules or lead to the generation of malicious code.\n- Indirect Prompt Injection Evidence Chain (INFO):\n
- Ingestion points: User-provided description in Step 1.\n
- Boundary markers: Absent. No delimiters used to separate user input from agent instructions.\n
- Capability inventory: File-read access to the 'rules/' directory.\n
- Sanitization: Absent. No validation or filtering of user input before it influences file-reading logic.\n- Path Traversal Risk (LOW): User input determines which rule files are read. Without strict tool-level enforcement, a crafted input could attempt to access sensitive files outside the 'rules/' directory.\n- Unverifiable Dependencies (LOW): The skill relies on external rule files in the 'rules/' directory which are not provided for analysis, making the safety of the generated code dependent on unverifiable local state.
Audit Metadata