learn
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill creates a surface for indirect prompt injection by retrieving and processing the user's local source code.\n
- Ingestion points: Source code snippets retrieved via Grep and Glob tools as defined in the walkthrough structure.\n
- Boundary markers: There are no explicit boundary markers or instructions to the agent to disregard instructions found within the code snippets.\n
- Capability inventory: The skill's capabilities are restricted to codebase searching and conversational responses; it has no file-write or network-access capabilities.\n
- Sanitization: The skill does not perform sanitization of the retrieved code content.
Audit Metadata