reviewing
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes input documents, which constitutes a standard surface for indirect prompt injection.
- Ingestion points: Document content is read and classified in Step 1 of SKILL.md.
- Boundary markers: No explicit delimiters or instructions to ignore embedded commands are implemented for the input text.
- Capability inventory: The skill can perform file writes (auto-fixing minor issues in Step 6) and spawn the codebase-analyzer agent (Step 4).
- Sanitization: No validation or sanitization of the document content is performed before processing.
- [SAFE]: The skill's logic does not include malicious code, obfuscation, or unauthorized network requests. All referenced tools and agents are internal to the environment.
Audit Metadata