acc-identify-entry-points

Warn

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: MEDIUM (PROMPT_INJECTION)
Full Analysis
  • [Indirect Prompt Injection] (MEDIUM): The skill ingests untrusted external data (application source code) and processes it to build an architectural map. Maliciously crafted comments or code patterns in the analyzed files could influence the agent's summary or downstream actions.
      • Ingestion points: Read and Grep commands targeting local files like **/*.php, config/routes*.yaml, and bin/*.
      • Boundary markers: Absent. There are no explicit delimiters or instructions to ignore embedded directives in the analyzed code.
      • Capability inventory: Limited to read-only operations (Grep, Glob, Read) within the provided file. No network or write capabilities detected.
      • Sanitization: Absent. The skill extracts and summarizes content directly from the source code.
  • [Data Exposure] (LOW): The skill systematically maps sensitive application metadata, including authentication mechanisms (JWT, Role), routes, and CLI command signatures. This information exposure, while inherent to the skill's purpose, provides a blueprint for further exploitation if the agent's context is leaked.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Feb 16, 2026, 08:52 AM