api-audit

Pass

Audited by Gen Agent Trust Hub on Mar 12, 2026

Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes local bash scripts (scripts/inventory-api-surface.sh and scripts/find-shared-schemas.sh) to perform static analysis. These scripts use the ripgrep utility to scan for route patterns, authentication hooks, and schema definitions within the project's source code.
  • [PROMPT_INJECTION]: The skill presents an attack surface for indirect prompt injection because it ingests and processes data from the local codebase, which could contain malicious instructions.
      • Ingestion points: The agent reads and processes source files from directories such as apps and packages via the inventory scripts.
      • Boundary markers: No explicit delimiters or instructions are provided to the agent to distinguish between the code being analyzed and potential embedded instructions, nor are there warnings to ignore natural language instructions found within the files.
      • Capability inventory: The agent has the capability to execute shell scripts and synthesize reports based on its findings, which could be influenced by malicious content in the scanned files.
      • Sanitization: There is no evidence of sanitization, filtering, or validation of the extracted source code content before it is processed by the agent.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 12, 2026, 09:42 PM