harmonyos-review
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (LOW): The skill is designed to ingest and analyze untrusted source code, creating a surface where malicious instructions embedded in the project files could attempt to influence the agent's evaluation.
- Ingestion points: Project source files (.ets) and configuration files (.json5) accessed via grep.
- Boundary markers: No explicit delimiters or instructions to ignore embedded prompts are defined.
- Capability inventory: Local file system search (grep) and markdown report generation.
- Sanitization: No sanitization of scanned content is performed before presentation to the LLM.
- Command Execution (SAFE): The skill utilizes standard grep commands for local static analysis. These commands are consistent with the skill's purpose and do not involve remote code execution or privilege escalation.
Audit Metadata