ast-grep
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill provides instructions for executing shell-based tools including sg, ast-grep, rg, and xargs to perform AST-aware code exploration.
- [EXTERNAL_DOWNLOADS]: The reference guide recommends nix run nixpkgs#ast-grep as a fallback method, which fetches the tool from the well-known Nixpkgs repository.
- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface because it ingests and processes source code from external, potentially untrusted files.
- Ingestion points: Files in the local filesystem are read and parsed during the search process.
- Boundary markers: No delimiters are specified to isolate the search patterns from the file content.
- Capability inventory: The agent utilizes subprocess execution to run CLI search tools.
- Sanitization: There is no evidence of sanitization or filtering applied to the source code content being scanned.
Audit Metadata