ampdo
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFE, PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill facilitates indirect prompt injection by directing the agent to locate and obey instructions within code comments.
  - Ingestion points: Data from codebase via ripgrep in SKILL.md.
  - Boundary markers: No delimiters or instructions to ignore malicious content are present.
  - Capability inventory: The skill grants permission to implement code changes and execute action items based on untrusted input.
  - Sanitization: There is no validation or sanitization of the comment content before execution.
- [COMMAND_EXECUTION]: The skill uses the rg (ripgrep) utility to search for strings within the local codebase.
Audit Metadata