code-analysis
Pass
Audited by Gen Agent Trust Hub on Mar 8, 2026
Risk Level: SAFE, PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill's primary function is to process and analyze external code files provided by the user. This creates an indirect prompt injection surface where instructions or adversarial text embedded within code comments or string literals could attempt to influence the agent's behavior during the analysis task.
  - Ingestion points: The file_content variable processed by the CodeAttentionScorer and the agent's code analysis workflow defined in SKILL.md.
  - Boundary markers: The skill uses a structured 4-step workflow (Objective, Deliverables, Content, Token Estimation) to keep the agent focused, and includes a mandatory "Wait for '批准计划' (Approve Plan)" step that requires human confirmation before execution.
  - Capability inventory: The skill possesses the ability to read local files, execute its internal Python scoring module, and write documentation to the repository. It lacks network access or elevated administrative privileges.
  - Sanitization: There is no explicit sanitization or filtering of the code content to remove potential instructions before the agent performs its analysis.
- [SAFE]: The included Python module attention_focus.py performs static analysis of code strings to rank components by importance. It relies on safe, standard library functions (regex and string matching) and does not involve any high-risk operations such as dynamic code execution (eval, exec), filesystem modification, or network requests.
Audit Metadata