skill-dependency-mapper
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION] (SAFE): The skill utilizes Python and Bash scripts (scripts/analyze_skills.py and scripts/detect_bottlenecks.py) to parse skill metadata and generate optimization reports. These scripts are part of the local skill package and do not execute untrusted remote code.
- [DATA_EXPOSURE] (SAFE): Analysis is limited to metadata such as tool names, file format associations, and complexity metrics. The skill does not access sensitive system files, environment variables, or private user data.
- [INDIRECT_PROMPT_INJECTION] (LOW): This skill exposes a surface for indirect prompt injection because it processes data from external skills in the environment.
  1. Ingestion points: Metadata files (SKILL.md) for all skills located in /mnt/skills.
  2. Boundary markers: No delimiters or instructions to ignore embedded content are used during metadata parsing.
  3. Capability inventory: The skill can execute local scripts, write reports to /tmp, and generate markdown summaries.
  4. Sanitization: No explicit sanitization of metadata content is performed before including it in analysis reports. The risk is low because the tool is designed for structural analysis rather than for executing content from the scanned skills.
Audit Metadata