analyze
Warn
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: MEDIUMEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- EXTERNAL_DOWNLOADS (MEDIUM): The documentation directs users to install the skill from a non-trusted repository (
bntvllnt/agent-skills) using the commandnpx skills add. This source does not belong to the list of verified organizations or repositories, posing a risk of unverifiable code execution during installation. - PROMPT_INJECTION (LOW): The skill's primary function is to ingest and analyze untrusted data, such as user-provided topics or local source code (e.g.,
analyze deep src/api/). This creates a vulnerability to indirect prompt injection (Category 8). - Ingestion points: User input strings and local file system paths specified in CLI arguments.
- Boundary markers: None documented; the skill does not specify delimiters or warnings to ignore instructions embedded within analyzed files.
- Capability inventory: Performs multi-agent parallel analysis and generates roadmaps based on input content.
- Sanitization: No evidence of sanitization, escaping, or validation of the external content before it is processed by the underlying LLM.
Audit Metadata