Framework Detector
Pass
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: SAFE
Full Analysis
- Indirect Prompt Injection (LOW): The skill identifies frameworks by scanning untrusted files within a project directory, which could allow an attacker to influence agent orchestration.
- Ingestion points: Project configuration files (
package.json,Gemfile,mix.exs,*.csproj) and source code files (.ts, .js, .rb, .ex, .cs, .razor) provided in the project path. - Boundary markers: No explicit delimiters or warnings for the agent to ignore instructions embedded within the scanned files are present.
- Capability inventory: The detection output is intended to be consumed by
SkillLoader, which dynamically loads additional tools or skills based on the classification result. - Sanitization: The skill uses weighted string and regex matching against a hardcoded list in
framework-patterns.json, which restricts the output space but does not prevent an attacker from 'poisoning' a project to be misidentified as a specific framework.
Audit Metadata