Skills
skills/whtoo/how_to_implment_pl_in_antlr4/vm-dev/Gen Agent Trust Hub

vm-dev

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
  • [SAFE] (SAFE): The skill provides instructions for developing VM components. All commands provided (mvn, vim) are standard developer tools used within the scope of the skill's purpose.
  • [COMMAND_EXECUTION] (SAFE): The skill utilizes the Bash tool for running Maven commands like 'mvn compile' and 'mvn test'. These are routine development tasks and do not involve untrusted remote sources or suspicious flags.
  • [INDIRECT_PROMPT_INJECTION] (LOW): The skill interacts with local files and code, creating an attack surface for indirect injection (e.g., if the agent reads a maliciously crafted source file). However, this is inherent to development-focused agents. 1. Ingestion points: Java source files (e.g., BytecodeDefinition.java) accessed through the Read tool. 2. Boundary markers: Absent. 3. Capability inventory: File modification (replace_symbol_body) and system command execution (Bash). 4. Sanitization: None described for external content.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 17, 2026, 06:30 PM