injection
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by design.
  - Ingestion points: The skill reads source code files for analysis in the 'Claude Analysis' step of the workflow defined in SKILL.md.
  - Boundary markers: The workflow lacks explicit delimiters or instructions to prevent the agent from following malicious instructions that might be embedded in the analyzed code, such as in comments or strings.
  - Capability inventory: The skill is capable of executing several command-line tools (semgrep, bandit, gosec, brakeman, spotbugs) and producing structured findings.
  - Sanitization: There is no evidence of sanitization or filtering of the source code content before it is passed to the LLM for analysis.
Audit Metadata