vulnerability-pattern-matcher
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection.
- Ingestion points: The detection workflow in SKILL.md requires the agent to analyze external code structure and data flows provided by the user.
- Boundary markers: There are no explicit instructions or delimiters provided to ensure the agent ignores or sandboxes instructions embedded within the analyzed code, such as those found in comments or string literals.
- Capability inventory: The skill's own implementation is restricted to textual analysis and report generation, with no subprocess calls or network operations.
- Sanitization: No validation or sanitization rules are defined for the input code being processed.
Audit Metadata