general-vs-special
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill content is purely instructional, providing a 'Review Lens' for assessing software architecture. It does not contain executable scripts, download external resources, or attempt to bypass agent safety guidelines. All tools used (Read, Grep) are appropriate for the stated purpose of code analysis.\n- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes content from external files provided as arguments.\n
- Ingestion points: The skill reads file content using the
ReadandGreptools on user-specified paths.\n - Boundary markers: No specific boundary markers or instructions to ignore embedded commands are present in the skill definition.\n
- Capability inventory: The agent's capabilities are limited to reading and searching files (
Read,Grep). It lacks capabilities for code execution, file writing, or network transmission, which mitigates the risk of a successful injection attack.\n - Sanitization: No sanitization or validation of the ingested code content is performed.
Audit Metadata