trace-request-lifecycle

Pass

Audited by Gen Agent Trust Hub on Mar 17, 2026

Risk Level: SAFE, PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by reading and processing external source code files (PHP and YAML configuration) which could contain embedded instructions intended to manipulate the agent context.
    • Ingestion points: Source code files including **/*.php, **/routes/*.php, and config/routes/api.yaml.
    • Boundary markers: Absent; the skill does not explicitly instruct the agent to ignore or delimit embedded instructions within the code files being analyzed.
    • Capability inventory: grep (system search) and read (file content inspection).
    • Sanitization: Absent; content is analyzed directly to map logic flow, meaning any malicious payload in comments or strings could be processed by the LLM.
  • [COMMAND_EXECUTION]: The skill relies on executing grep commands to perform pattern matching across the filesystem to identify route definitions, middleware stacks, and repository operations.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 17, 2026, 09:59 AM