readiness-report
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- Prompt Injection (LOW): The skill is susceptible to Indirect Prompt Injection (Category 8) due to its core workflow. * Ingestion points: Data enters the agent context from external repositories cloned during analysis (e.g., README, CI configs). * Boundary markers: None are defined to prevent the agent from following instructions embedded in the analyzed repository. * Capability inventory: The agent has file-write permissions for 'Automated Remediation' (writing AGENTS.md, templates, etc.), script execution for analysis, and network access for cloning. * Sanitization: No sanitization or validation of external content is performed before processing.
- External Downloads (LOW): The skill requires the agent to clone repositories from user-supplied URLs, which is a network operation involving untrusted external sources. While standard for this use case, it constitutes a baseline risk.
Audit Metadata