cs-compilers

Pass

Audited by Gen Agent Trust Hub on Mar 5, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill documentation references the use of system-level compiler tools, specifically the LLVM 'opt' tool for optimization passes and 'make' for compiling Tree-sitter grammars. These are standard and expected operations for the skill's stated purpose in computer science and compiler development.
  • [EXTERNAL_DOWNLOADS]: The skill suggests downloading the 'openclaw' SDK using standard package managers (pip) and cloning grammar repositories for Tree-sitter integration. These resources appear to be part of the tool's legitimate ecosystem.
  • [CREDENTIALS_UNSAFE]: The skill demonstrates secure handling of sensitive data by instructing users to utilize environment variables (e.g., $OPENCLAW_API_KEY) for authentication rather than hardcoding credentials directly into scripts or commands.
  • [PROMPT_INJECTION]: As a tool designed to process and transform source code, the skill inherently possesses an indirect prompt injection surface via the 'code' parameter. This is an expected functional aspect of any compiler or parser tool, though it represents a point where untrusted data enters the agent's context.
      • Ingestion points: The 'code' and 'input' parameters in actions such as 'parse', 'generate-llvm', and 'lex' (SKILL.md).
      • Boundary markers: None explicitly defined in the documentation for the data interpolation.
      • Capability inventory: Subprocess execution for LLVM tools and library loading for Tree-sitter (SKILL.md).
      • Sanitization: Not explicitly documented; users should ensure input code is validated if coming from untrusted sources.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 5, 2026, 10:46 PM