extract
Pass
Audited by Gen Agent Trust Hub on Apr 9, 2026
Risk Level: SAFE PROMPT_INJECTION
Full Analysis
- [INDIRECT_PROMPT_INJECTION]: The skill instructs the agent to analyze and process local source code files which could contain malicious or hidden instructions.
  - Ingestion points: Target source files located via keyword searches (e.g., 'grep') in the 'Discover' phase.
  - Boundary markers: No delimiters or specific safety instructions are provided to help the agent distinguish between code patterns and potential embedded instructions.
  - Capability inventory: The skill utilizes file reading, writing (creation of components/tokens), and deletion (removing dead code).
  - Sanitization: The process lacks validation or sanitization steps for the data ingested from external files.
- [SAFE]: No hardcoded credentials, API keys, or sensitive configuration paths (like .ssh or .aws) are accessed or exposed.
- [SAFE]: No network operations or external data transfers are performed, preventing exfiltration.
- [SAFE]: No execution of unverified remote code or installation of third-party packages.