symbolic-execution-assistant
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill instructions and reference materials describe legitimate security analysis workflows with no evidence of malicious intent.
- [EXTERNAL_DOWNLOADS]: References installation of trusted symbolic execution engines (KLEE, Java PathFinder) and libraries from well-known sources.
- [COMMAND_EXECUTION]: Contains standard setup commands for technical environments, including package installation via apt-get and pip, and compilation via clang.
- [PROMPT_INJECTION]: The process of analyzing user-provided source code creates an indirect prompt injection surface. 1. Ingestion points: Code provided by the user for analysis in SKILL.md. 2. Boundary markers: None mentioned. 3. Capability inventory: Execution of compilation and analysis tools (clang, KLEE, angr). 4. Sanitization: No input validation is defined.
Audit Metadata