way-magefile
Pass
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: SAFE
Findings: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION] (LOW): The skill provides helper functions (e.g., sh.Run, exec.Command) and examples for executing shell commands such as go build, go mod download, and git diff. This is the primary intended function for a build automation skill.
- [EXTERNAL_DOWNLOADS] (LOW): The skill references several external Go modules and tools (e.g., github.com/magefile/mage, golangci-lint, buf). While these originate from non-whitelisted GitHub repositories, they are well-known, industry-standard development tools.
- [PROMPT_INJECTION] (LOW): The skill introduces a surface for indirect prompt injection by defining how an agent should read and interpret user-provided Magefiles. A malicious file could potentially contain embedded instructions to exploit the command execution capabilities provided by the skill.
  - Ingestion points: The agent is instructed to read and understand magefile.go or project-specific build configurations provided by users.
  - Boundary markers: Absent; no specific delimiters or protective warnings are suggested in the templates to isolate user data from instructions.
  - Capability inventory: The skill explicitly provides tools for arbitrary system command execution and file system manipulation.
  - Sanitization: No input validation or sanitization of command-line arguments is performed in the provided helper functions.
Audit Metadata