re-structure-analysis
Pass
Audited by Gen Agent Trust Hub on Feb 24, 2026
Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION, DATA_EXFILTRATION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the Bash tool to create documentation directories (e.g., mkdir -p docs/reverse/{name}).
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it reads and summarizes untrusted content from user-provided codebases.
  - Ingestion points: Files accessed via Read, Grep, and Glob based on the user-provided target argument.
  - Boundary markers: Not present. The skill relies on instructional principles (Code is Truth, Behavior over Intent) rather than technical delimiters for ingested content.
  - Capability inventory: The agent has access to Bash, Write, and Read tools, which could be exploited if malicious instructions in the source code are followed.
  - Sanitization: No evidence of sanitization or escaping of the code content read from the filesystem.
- [DATA_EXFILTRATION]: The typescript.md language reference identifies .env and .env.local as project configuration files. If the agent reads these files to determine project structure, there is a risk that sensitive credentials could be exposed or summarized in the output structure map.
Audit Metadata