impact-analysis

Pass

Audited by Gen Agent Trust Hub on Mar 9, 2026

Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill makes extensive use of the Bash tool to run local searches with grep and find. It also manages the file system: it creates the project-decisions/ directory and writes an index file there using mkdir, echo, and shell redirection.
  • [PROMPT_INJECTION]: The skill exposes an indirect prompt injection surface (Category 8). It ingests content from the local codebase (source code, comments, and documentation) via grep and head, and that content is inserted into the 'Impact Analysis' reports the skill generates. Any instruction-like text planted in the analyzed files therefore reaches the model alongside the skill's own instructions.
  • Ingestion points: Codebase files processed via grep and head (SKILL.md).
  • Boundary markers: Absent; the content read from the files is placed directly into the report structure, with no delimiters separating it from the skill's own instructions.
  • Capability inventory: File system write access via Bash (mkdir, echo, redirection) and read access via the search tools (grep, find, head).
  • Sanitization: Absent; the skill uses sed for output formatting only and does not sanitize or neutralize instruction-like content taken from the analyzed files.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 9, 2026, 10:15 PM