file-name-wizard
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface because it reads and processes the contents of all files discovered via globbing to verify naming standards and internal consistency.
- Ingestion points: All codebase files identified in Phase 1 and the contents of files verified in Phase 2, as well as configuration standards extracted from CLAUDE.md files.
- Boundary markers: Absent; the instructions do not provide delimiters or specific commands to treat file content as data rather than instructions.
- Capability inventory: The skill utilizes file system read and write capabilities to audit files and generate reports; it does not request network access or arbitrary command execution.
- Sanitization: None; there is no validation or filtering of file content before it is processed by the agent.
Audit Metadata