code-naming-auditor
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: Indirect Prompt Injection surface detected. The skill's workflow involves reading and analyzing local project files which could contain malicious instructions that influence the agent's behavior. \n
- Ingestion points: Step 1 and Step 3 involve reading
docs/glossary.md,terminology.md, and any source code files within the user-defined audit scope. \n - Boundary markers: There are no instructions to wrap file content in delimiters or to ignore potential instructions embedded within the code or documentation being audited. \n
- Capability inventory: The agent has the ability to read local files and use a
replacetool to modify the filesystem. \n - Sanitization: The skill does not implement validation or sanitization of the file content before it is processed by the model. \n- [COMMAND_EXECUTION]: The skill uses a
replacetool to perform automated naming refactors. While this is a requested feature, it involves systematic modification of the user's codebase.
Audit Metadata