design-smell-detector
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill ingests untrusted source code for analysis, which presents a surface for indirect prompt injection attacks.
- Ingestion points: The script
scripts/detect_smells.pyreads content from user-provided Python files and directories. - Boundary markers: The analysis report is output as plain text or JSON without using protective delimiters or explicit instructions to ignore potentially malicious content within the analyzed files.
- Capability inventory: The skill is limited to reading local files and performing static analysis via the Python
astmodule; it has no network, file-write, or arbitrary command execution capabilities. - Sanitization: Identifiers (class and method names) are extracted from the source code and included directly in the reports without sanitization, which could allow malicious instructions embedded in these identifiers to reach the agent context.
Audit Metadata