comment-analyzer
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION] (SAFE): The skill uses the Bash tool to execute static commands like grep and git log. These are used for searching code and checking modification history. No evidence of shell injection or dangerous command chaining was found.
- [PROMPT_INJECTION] (LOW): Category 8: Indirect Prompt Injection. The skill processes untrusted data from source code comments which could contain malicious instructions. Evidence: 1. Ingestion points: The skill uses grep and Read tools to ingest content from .ts files in the workflow section. 2. Boundary markers: No boundary markers or specific delimiters are defined to isolate untrusted comments from agent instructions. 3. Capability inventory: The skill has access to Read, Glob, Grep, and Bash tools for local inspection; it lacks network access or file-write capabilities. 4. Sanitization: No sanitization or filtering of the comment text is performed before it is analyzed by the model.
Audit Metadata