finishing-development
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill dynamically identifies and executes shell commands such as make test, npm test, or pytest based on contents found within the repository's configuration files like Makefile, package.json, or README.
- [PROMPT_INJECTION]: The skill exhibits an attack surface for Indirect Prompt Injection (Category 8) because it parses untrusted data from project files to determine execution logic.
  - Ingestion points: Project configuration and documentation files (Makefile, Taskfile, package.json, README) as defined in Step 2.
  - Boundary markers: The skill lacks explicit instructions to ignore embedded instructions within the files it reads, though it uses structured output templates.
  - Capability inventory: Execution of shell commands through build and test tools as described in Step 3.
  - Sanitization: No explicit sanitization or validation of the commands extracted from project files is performed before they are passed to the shell.
Audit Metadata