dependency_graph_analysis

Pass

Audited by Gen Agent Trust Hub on Mar 5, 2026

Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill instructs the installation of standard tools pydeps and graphviz from official package registries using pip and brew.
  • [COMMAND_EXECUTION]: The skill executes the pydeps utility to analyze the directory structure and generate dependency graphs for the backend/modules path.
  • [PROMPT_INJECTION]: The skill has an attack surface for indirect prompt injection because it processes external data in the form of system source code.
    • Ingestion points: The skill parses Python modules and import statements from the backend/modules directory.
    • Boundary markers: No delimiters or specific instructions are provided to ensure the agent ignores natural language instructions embedded within the analyzed code comments or strings.
    • Capability inventory: The skill utilizes package managers (pip, brew) and structural analysis tools (pydeps) which are triggered by the analysis process.
    • Sanitization: There is no evidence of sanitization or validation of the input source code before it is passed to the analysis tools.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 5, 2026, 04:50 AM