rust-call-graph
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFE PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes untrusted data from the local project environment.
- Ingestion points: Source code content is ingested using the LSP, Read, and Glob tools to identify function symbols and call relationships.
- Boundary markers: The instructions do not define boundary markers (e.g., XML tags or delimiters) to separate ingested code from instructions, nor do they include commands to ignore potential instructions embedded in the source code (like comments).
- Capability inventory: The skill possesses capabilities for file system discovery (Glob), file reading (Read), and code analysis (LSP). It does not appear to have write access or network capabilities.
- Sanitization: There is no evidence of content sanitization or validation to prevent the agent from following instructions hidden within code comments or string literals encountered during the analysis.