12-factor-apps-analysis
Pass
Audited by Gen Agent Trust Hub on Apr 3, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted data from a codebase, which creates a surface for indirect prompt injection. Malicious instructions embedded in the analyzed code could potentially influence the agent's behavior.
- Ingestion points: Files within the codebase path specified by $ARGUMENTS.
- Boundary markers: None; the skill does not define specific delimiters or instructions to ignore embedded commands in the target files.
- Capability inventory: The agent is instructed to read files and use search tools (grep) to evaluate content.
- Sanitization: No validation or sanitization is performed on the codebase content before processing.
Audit Metadata