code-search-assistant
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface because it is designed to read and process untrusted code from external repositories during its search and ranking process.
  - Ingestion points: According to the workflow in SKILL.md, the agent reads file contents based on results from Grep and Glob operations to perform similarity analysis.
  - Boundary markers: There are no explicit instructions or delimiters defined to ensure the agent ignores natural language instructions or 'jailbreak' attempts that might be embedded within the source code files it analyzes.
  - Capability inventory: The skill allows the agent to perform comprehensive filesystem searches (via Grep and Glob) and read the contents of any file within the search scope.
  - Sanitization: No sanitization, filtering, or validation of the ingested code snippets is described to prevent instructions in data from being interpreted as agent commands.