analyze-impact
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill uses grep, find, and ls to trace dependencies and locate test files within the local repository. These tools are used for their intended purpose of information retrieval and do not involve remote execution or shell interpolation of untrusted data.
- [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection as it processes project plans and source code.
  - Ingestion points: Reads files from plans/, phases/, and implementation directories, as well as source code files such as .ts and .py.
  - Boundary markers: No specific delimiters or instructions to ignore embedded commands are used when reading these files.
  - Capability inventory: The skill can search the filesystem using grep and find, and it writes impact reports back to the plans directory.
  - Sanitization: No explicit sanitization or validation of the input file content is performed before analysis.
Audit Metadata