skills/wojons/skills/trust-but-verify/Gen Agent Trust Hub

trust-but-verify

Pass

Audited by Gen Agent Trust Hub on Feb 28, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests untrusted data.
      • Ingestion points: Claims are extracted from test results, coverage reports, documentation, deployment logs, and team communications as defined in SKILL.md.
      • Boundary markers: No delimiters or protective instructions are provided to the agent to isolate the extracted data from the system prompt.
      • Capability inventory: The skill involves executing shell commands via npm run to perform verification, creating a path for malicious instructions to influence system operations.
      • Sanitization: The skill does not define any methods for validating or escaping the content of the claims it processes.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 28, 2026, 10:30 AM