access-control
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it analyzes untrusted source code that could contain malicious instructions.\n
- Ingestion points: The skill reads files from user-controlled paths such as
**/routes/**and**/controllers/**in the target codebase.\n - Boundary markers: No explicit boundary markers or instructions to ignore embedded prompts within the analyzed code are provided.\n
- Capability inventory: The skill has the capability to execute shell commands (
semgrep,bandit,brakeman) and read local files.\n - Sanitization: No sanitization or escaping of the input source code is specified before it is analyzed by the model.\n- [COMMAND_EXECUTION]: The skill executes well-known security tools (
semgrep,bandit,brakeman) on the target code. These tools are used within their intended scope for security auditing.
Audit Metadata