project-analyze
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [Prompt Injection] (LOW): The skill is susceptible to indirect prompt injection due to its handling of untrusted project data.
- Ingestion points: The skill ingests untrusted content from the user's project files through the Read, Grep, and Glob tools and includes this content in subagent prompts.
- Boundary markers: In phases/02-project-exploration.md and phases/03.5-consolidation.md, external data and user-defined variables (such as 'scope') are interpolated into task prompts without the use of XML tags, delimiters, or 'ignore instructions' warnings.
- Capability inventory: The skill has access to high-privilege tools including Bash, Write, and the Task tool for spawning additional agents, which could be exploited if an injection occurs.
- Sanitization: Codebase content and user-supplied scope parameters are not sanitized or validated before being included in the reasoning context of the analysis agents.
Audit Metadata