context-engine
Pass
Audited by Gen Agent Trust Hub on Apr 1, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill establishes an indirect prompt injection surface by providing patterns and scripts for ingesting and processing untrusted codebase data into the agent's context.
- Ingestion points: Knowledge graph construction and context retrieval workflows described in SKILL.md, and file ingestion in scripts/memory_indexer.py.
- Boundary markers: The Context Handoff Protocol in SKILL.md suggests using structured summaries and constraints, but no strict technical delimiters are enforced in the provided scripts.
- Capability inventory: scripts/context_analyzer.py, scripts/context_pruner.py, and scripts/memory_indexer.py perform file read operations across codebases. scripts/context_pruner.py additionally possesses file write capabilities.
- Sanitization: The scripts do not perform semantic sanitization or instruction filtering on the content being analyzed, pruned, or indexed.
Audit Metadata