readme-improvement
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFE
Findings: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the Bash tool for project discovery, pattern searches, and directory mapping to understand the project structure.
- [PROMPT_INJECTION]: The skill has an indirect prompt injection surface (Category 8).
  1. Ingestion points: The agent reads project files using Read, Grep, and Glob to extract feature and setup information.
  2. Boundary markers: No explicit delimiters or 'ignore instructions' warnings are provided for the data read from files.
  3. Capability inventory: The agent has access to Write, Edit, and Bash tools, which could be misused if instructions inside analyzed files are inadvertently followed.
  4. Sanitization: No sanitization or validation is applied to the content extracted from the local project files before processing.