code-quality-report
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- Indirect Prompt Injection (LOW): The skill reads user-provided source code and evaluates it using AI. There are no boundary markers or instructions to the AI to ignore instructions embedded within the source code.
- Ingestion points:
SKILL.mdStep 3 reads file contents for evaluation. - Boundary markers: Absent. No delimiters are used to wrap the code being analyzed.
- Capability inventory: File system enumeration, directory creation, and HTML file generation.
- Sanitization: Absent. The content of source files is processed directly by the model.
- Dynamic Execution / XSS (LOW): In
SKILL.mdStep 4, JSON data generated from the file system (which includes filenames) is directly assigned to a JavaScript variable (rawData) inside an HTML template. If a directory contains a file with a name designed to break out of a string literal (e.g.,";alert(1);//.js), it could execute arbitrary JavaScript when the generated HTML report is opened in a browser. - Command Execution (SAFE): The skill executes a local script
generate-file-structure.jsusingnode. This script uses standard library modules (node:fs,node:path) and does not pull in external dependencies or execute remote code.
Audit Metadata