session-start
Pass
Audited by Gen Agent Trust Hub on Feb 22, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTIONNO_CODE
Full Analysis
- Indirect Prompt Injection (LOW): The skill processes untrusted content from 'PROMPT.md' without sanitization or boundary markers. 1. Ingestion points: PROMPT.md. 2. Boundary markers: None. 3. Capability inventory: Command execution (servers). 4. Sanitization: None.
- Command Execution (LOW): The skill requires the agent to run development servers, implying the use of shell commands which could be exploited if context is poisoned.
- No Code (SAFE): This skill consists solely of instructions and metadata without associated scripts or configuration files.
Audit Metadata