re-verify-report
Pass
Audited by Gen Agent Trust Hub on Feb 24, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests untrusted data from project artifacts. ● Ingestion points: manifest.json, 04-report.md, 01-structure-map.md, 02-logic-.md, and 03-requirements-.md files located in docs/reverse/{analysis}/. ● Boundary markers: Absent; the skill does not use delimiters or explicit 'ignore instructions' warnings when reading artifact content. ● Capability inventory: The agent has access to Read, Grep, Glob, Bash, and Write tools. ● Sanitization: Absent; content is parsed and counted without validation or escaping.
- [COMMAND_EXECUTION]: The skill utilizes the Bash tool to perform module and requirement counts and the Write tool to generate verification reports and update manifests. These capabilities are used for legitimate verification logic but provide the agent with significant system interaction capability within the execution context.
Audit Metadata