codebase-search

Warn

Audited by Gen Agent Trust Hub on Mar 6, 2026

Risk Level: MEDIUM
CREDENTIALS_UNSAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [CREDENTIALS_UNSAFE]: The skill provides specific patterns and instructions for locating sensitive information such as API keys and environment variables within a codebase.
      • Evidence: SKILL.md includes grep commands specifically targeting API_KEY, process.env, and os.environ in Steps 2 and 4.
  • [COMMAND_EXECUTION]: The skill is configured to use the Bash tool, enabling the execution of arbitrary shell commands on the system.
      • Evidence: The allowed-tools metadata field includes Bash, and the instructions provide numerous command-line examples using grep and git.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it reads and displays content from potentially untrusted files without adequate safeguards.
      • Ingestion points: File content is ingested via the Read and Grep tools.
      • Boundary markers: None; the instructions do not specify delimiters to distinguish between codebase content and system instructions.
      • Capability inventory: The skill has access to Bash and Read tools, which can be leveraged if an injection occurs.
      • Sanitization: No sanitization or content validation is performed on the files being searched.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Mar 6, 2026, 12:43 PM