elevate-code
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill facilitates the auditing and transformation of local source code, which creates a surface for indirect prompt injection. Maliciously crafted files within an analyzed project could contain hidden instructions (disguised as code comments or documentation) designed to influence the agent's behavior during report generation or code transformation phases.
- Ingestion points: The skill uses
grepto recursively scan project files for specific pattern markers as defined inSKILL.md(Step 2 and 3). - Boundary markers: No specific delimiters or safety instructions are provided to the agent to treat discovered code as untrusted data or to ignore embedded instructions found within those files.
- Capability inventory: The agent performs file reading via shell commands (
grep), directory creation (mkdir), and file writing for project scaffolding. - Sanitization: Scanned file content is not sanitized or escaped before being incorporated into the agent's output context or proposals.
- [COMMAND_EXECUTION]: The operational instructions in
SKILL.mddirect the agent to execute recursive shell commands (grep -rE) against the user's project directory to identify and score existing patterns. These commands operate directly on the local filesystem and read the contents of all files matching the scan criteria.
Audit Metadata