proje-analizcisi
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFE
Findings: COMMAND_EXECUTION, PROMPT_INJECTION, DATA_EXFILTRATION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes multiple local shell scripts (`phase1_discovery.sh` and `phase2_analysis.sh`) to perform project scanning.
  - Evidence: `bash ~/.gemini/antigravity/skills/proje-analizcisi/scripts/phase1_discovery.sh` and `bash ~/.gemini/antigravity/skills/proje-analizcisi/scripts/phase2_analysis.sh`.
  - The scripts utilize various CLI tools including `find`, `grep`, `awk`, `git`, and `xargs` to process project data.
- [DATA_EXFILTRATION]: The skill is designed to search for and extract sensitive information such as hardcoded credentials and environment variables for reporting purposes.
  - Evidence: Grep patterns for `password`, `api_key`, and `.env` files in `scripts/phase2_analysis.sh`.
  - Accessing these values brings them into the agent's context, though no external transmission (exfiltration) to third-party domains was detected in the scripts.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8) because it processes untrusted data from project files.
  - Ingestion points: Reads files throughout the analyzed project directory using `find`, `cat`, and `grep` in `phase1_discovery.sh` and `phase2_analysis.sh`.
  - Boundary markers: None identified in `SKILL.md` to prevent the agent from obeying instructions embedded within the code being analyzed.
  - Capability inventory: The skill can execute bash scripts and create/write files (`mkdir -p docs/analyze`).
  - Sanitization: No evidence of sanitization or escaping of external content before it is processed for report generation.
- [REMOTE_CODE_EXECUTION]: The skill uses `python3 -c` to execute dynamic Python strings for JSON parsing of `package.json` files.
  - Evidence: Hardcoded Python logic in `scripts/phase1_discovery.sh` and `scripts/phase2_analysis.sh` used to check dependencies.
Audit Metadata