Skills
skills/akillness/oh-my-unity3d/codebase-search/Gen Agent Trust Hub

codebase-search

Pass

Audited by Gen Agent Trust Hub on Mar 12, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to its core functionality.
  • Ingestion points: The skill reads and processes external codebase files using the Read and Grep tools as specified in SKILL.md.
  • Boundary markers: Absent. There are no instructions or delimiters defined to prevent the agent from following malicious instructions found within the code being analyzed.
  • Capability inventory: The skill is granted access to the Bash tool, which provides significant system interaction capabilities.
  • Sanitization: Absent. The instructions do not prescribe any validation or escaping of the content retrieved from searched files.
  • [COMMAND_EXECUTION]: The skill's workflow involves the execution of various shell commands (e.g., grep, git blame, git log) via the Bash tool. While these are necessary for the skill's purpose, they represent a high capability tier that increases the impact of potential prompt injections.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 12, 2026, 07:25 AM