The skill is highly insecure, featuring prompt injection, mass assignment vulnerabilities, insecure JWT handling, unauthorized network access, and aggressive persona hijacking that overrides the agent's intended behavior.
npx skills add https://github.com/LeviReisJs/ruby-on-rails-skill-docsDeBERTa classifier detected prompt injection (confidence: 0.99)
User-supplied parameters are passed to an ActiveRecord create or update method without proper whitelisting. An attacker can set any model attribute including admin flags or role fields. Use strong parameters with explicit permit() calls listing only allowed fields. (seen 2 times in this file at lines 8, 21)
User.new(user_create_params)
JWT decoded with signature verification disabled or with `alg:none` allowed. This permits token forgery. Always pass `true` for verification and restrict algorithms to expected values like `algorithms: ["HS256"]`.
JWT.decode(token, public_key, false)
NER model detected organization in skill content (confidence: 0.51)
N***
NER model detected organization in skill content (confidence: 0.55)
M**********
NER model detected organization in skill content (confidence: 0.56)
O*
NER model detected organization in skill content (confidence: 0.59)
A**
NER model detected organization in skill content (confidence: 0.65)
A*********
NER model detected organization in skill content (confidence: 0.68)
I***
NER model detected organization in skill content (confidence: 0.69)
N**
NER model detected organization in skill content (confidence: 0.77)
S**
NER model detected organization in skill content (confidence: 0.78)
C****************************
NER model detected organization in skill content (confidence: 0.88)
M*******
NER model detected organization in skill content (confidence: 0.90)
S******
NER model detected organization in skill content (confidence: 0.91)
A********
NER model detected organization in skill content (confidence: 0.93)
D*****
NER model detected organization in skill content (confidence: 0.94)
R************
NER model detected organization in skill content (confidence: 0.97)
R***
NER model detected organization in skill content (confidence: 0.98)
R****
NER model detected organization in skill content (confidence: 0.99)
A***********
NER model detected organization in skill content (confidence: 0.63)
*
The skill uses aggressive language to force its activation whenever common Ruby/Rails keywords are mentioned, effectively hijacking the agent's persona even when the user is not explicitly requesting this skill.
Use SEMPRE que o usuário mencionar Rails, Ruby, ActiveRecord, Devise... mesmo que não mencione a palavra 'skill'.
Skill does not specify a license field. Specifying a license helps users understand usage terms.
Skill description is empty or too short. A clear description helps users evaluate the skill's purpose.
[](https://mondoo.com/ai-agent-security/skills/github/LeviReisJs/ruby-on-rails-skill-docs)<a href="https://mondoo.com/ai-agent-security/skills/github/LeviReisJs/ruby-on-rails-skill-docs"><img src="https://mondoo.com/ai-agent-security/api/badge/github/LeviReisJs/ruby-on-rails-skill-docs.svg" alt="Mondoo Skill Check" /></a>https://mondoo.com/ai-agent-security/api/badge/github/LeviReisJs/ruby-on-rails-skill-docs.svgSkills can read files, run commands, and access credentials. Mondoo helps organizations manage the security risks of AI agent skills across their entire fleet.