iterative-code-exploration
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes standard shell utilities (find, tree, grep, cat, ls, git, xargs, wc, sort, uniq) to discover project structures and evaluate code relevance. These tools are used according to standard development practices.
- [INDIRECT_PROMPT_INJECTION]: Because the skill's methodology reads external codebase files, it creates a potential ingestion point for indirect prompt injection.
  - Ingestion points: File content is ingested via cat and grep commands during the Discover, Evaluate, and Refine phases (SKILL.md).
  - Boundary markers: No explicit boundary markers or instructions to treat codebase content as untrusted data are provided.
  - Capability inventory: The skill assumes the ability to execute shell commands to interact with the local file system.
  - Sanitization: No validation or sanitization of retrieved file content is performed.
Audit Metadata