verification
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill uses local shell commands (
mkdir -p) to create directories for saving verification reports. This is part of its core functionality for report generation and management. - [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it reads and processes untrusted data from local project files (e.g., source code, configuration files, and documentation).
- Ingestion points: Reads various local files including
package.json,.env.example,graph.py, andprompts.py(SKILL.md Steps 1b and 2). - Boundary markers: No explicit delimiters or instructions to ignore embedded commands are specified when the agent processes the file content.
- Capability inventory: The skill has the capability to read local files, create directories (
mkdir -p), and write report files (Step 5). - Sanitization: No evidence of sanitization or filtering of external content before processing was found.
- [DATA_EXPOSURE]: The skill reads project configuration files such as
.env.exampleto check for security best practices. However, the instructions explicitly state that all analysis is performed locally and no data is exfiltrated to external services.
Audit Metadata