ssot-check
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill presents a surface for indirect prompt injection. Ingestion points: Content is read and scanned from 'messages/.json', '.claude/**/.md', 'CLAUDE.md', and 'src/lib/stripe/config.ts'. Boundary markers: The instructions do not include delimiters or specific warnings to ignore embedded instructions within these data sources. Capability inventory: The agent is granted 'Bash', 'Read', 'Grep', and 'Glob' tools, which provide powerful system interaction capabilities. Sanitization: There is no evidence of validation or sanitization performed on the content retrieved from the analyzed files.
- [COMMAND_EXECUTION]: The skill executes local repository scripts, specifically 'npm run audit:ssot' and 'node scripts/audit/ssot-pricing.mjs', and uses shell utilities like grep and ripgrep to perform its auditing tasks.
Audit Metadata