ac-complexity-assessor
Warn
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: MEDIUMPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- Indirect Prompt Injection (MEDIUM): The skill ingests untrusted content from a user-provided
project_dirto determine complexity levels and generate recommendations, which could allow malicious code or comments in those files to manipulate the agent's planning output.\n - Ingestion points: Files within the
project_dirare parsed by theComplexityAssessor.\n - Boundary markers: No specific delimiters or instructions to ignore embedded commands are documented for the data ingestion process.\n
- Capability inventory: The skill influences project management decisions by generating recommendations (e.g., 'auth-003 may need more time') and effort estimates.\n
- Sanitization: No sanitization or validation of input content is mentioned.\n- Command Execution (LOW): The skill executes a local Python script
scripts/complexity_assessor.py. While typical for agent skills, the source code was not included for review, preventing a complete assessment of its underlying operations.
Audit Metadata