extract-domain-concepts
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes grep and glob commands to search for code patterns within a project. These operations are limited to static analysis of local files and do not involve untrusted input or shell injection.- [PROMPT_INJECTION]: No instructions were found that attempt to override agent behavior or bypass safety guidelines. The skill has an indirect injection surface because it reads source code, but it lacks exploitable capabilities to pose a risk.
- Ingestion points: PHP source files via glob and grep.
- Boundary markers: Absent.
- Capability inventory: File reading and searching only.
- Sanitization: Absent.- [DATA_EXFILTRATION]: No hardcoded credentials, sensitive file path access, or network exfiltration patterns were detected.- [REMOTE_CODE_EXECUTION]: The skill does not download or execute remote scripts, nor does it install third-party packages.
Audit Metadata