cco-anatomy
Pass
Audited by Gen Agent Trust Hub on Mar 24, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill's instructions and execution logic are transparent and align strictly with its primary purpose of generating a codebase anatomy map for context management.
- [COMMAND_EXECUTION]: The skill runs a local Node.js script (
src/anatomy.js) to analyze project files. The execution string correctly uses environment variables and quotes for the directory path to ensure safe command execution. - [PROMPT_INJECTION]: The skill processes untrusted data from the local filesystem (file names and sizes), creating a potential surface for indirect prompt injection if the codebase contains malicious metadata. Ingestion points: File metadata and content from the current project directory (referenced in SKILL.md). Boundary markers: No explicit delimiters or instructions to ignore embedded commands are included in the prompt. Capability inventory: The skill uses Bash and Read tools to inspect the filesystem. Sanitization: No evidence of sanitization or filtering of codebase content is present in the instructions.
Audit Metadata