codemap
Pass
Audited by Gen Agent Trust Hub on Apr 21, 2026
Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes a bundled helper script, `codemap.mjs`, using the `node` runtime. This script performs local file system operations such as directory traversal, file hashing, and writing state files (`.slim/codemap.json`) and documentation templates (`codemap.md`). These operations are restricted to the repository root provided as an argument.
- [INDIRECT_PROMPT_INJECTION]: The skill possesses an indirect prompt injection attack surface because it ingests untrusted data from the repository structure and generates documentation that influences future agent context.
  - Ingestion points: Repository file names, directory structure, and file content (processed by sub-agents), as referenced in `SKILL.md` and `scripts/codemap.mjs`.
  - Boundary markers: None explicitly defined in the instruction files to isolate ingested data from instructions.
  - Capability inventory: The skill can write to the filesystem (`codemap.md`, `AGENTS.md`, `.slim/codemap.json`) and instruct the agent to spawn sub-tasks based on discovered content.
  - Sanitization: No explicit sanitization or escaping of file names or extracted content is performed before interpolation into documentation files.
Audit Metadata