review
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]:
  - Ingestion points: All source files and ecosystem-specific metadata files (e.g., package.json, pyproject.toml, Cargo.toml) in the repository being audited.
  - Boundary markers: Absent; there are no instructions to the agent to disregard instructions that might be contained within the files it is scanning.
  - Capability inventory: The skill uses tools like grep and git ls-files to perform read operations across the repository.
  - Sanitization: Absent; the skill does not specify any sanitization or escaping for the content retrieved from the repository files.

  This creates a surface for indirect prompt injection where malicious instructions embedded in the audited files could influence the agent's behavior during the review process.
Audit Metadata