codebase-search
Pass
Audited by Gen Agent Trust Hub on Apr 21, 2026
Risk Level: SAFEDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [DATA_EXFILTRATION]: The skill's core logic (SKILL.md, Step 2 and 6) instructs the agent to search for and locate sensitive information including environment variables, configuration keys, and authentication implementation details. This functionality targets potential secrets and sensitive configuration data.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it reads and processes arbitrary content from a codebase using execution-capable tools.
- Ingestion points: The skill uses
Read,Grep, andGlobto ingest data from files within the repository (SKILL.md, Step 4). - Boundary markers: There are no boundary markers or instructions to disregard potential commands or instructions embedded within the codebase being searched.
- Capability inventory: The skill is granted access to the
Bashtool, allowing shell command execution, alongside file system access throughReadandGreptools. - Sanitization: The skill lacks mechanisms to sanitize, validate, or escape the content it finds before processing it or presenting it to the agent for further action.
Audit Metadata