solo-audit
Pass
Audited by Gen Agent Trust Hub on Feb 26, 2026
Risk Level: SAFE (COMMAND_EXECUTION, REMOTE_CODE_EXECUTION, PROMPT_INJECTION)
Full Analysis
- [COMMAND_EXECUTION]: Utilizes Bash and Grep tools to perform file system searches and identify patterns within markdown files.
- [REMOTE_CODE_EXECUTION]: Executes a local Python script (scripts/check_links.py) using the 'uv' runner if the file is present in the workspace. While this is a common pattern for audit tools, it involves executing code from the environment being analyzed.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it reads and processes the content of markdown files in the user's workspace to generate summary reports.
  1. Ingestion points: Markdown (.md) files identified via Glob and Read tools.
  2. Boundary markers: Absent; the skill does not explicitly use delimiters or ignore instructions within the audited files.
  3. Capability inventory: Read, Grep, Bash, Glob, and mcp__solograph__kb_search.
  4. Sanitization: No sanitization or validation of external content is performed before interpolation into the output report.
Audit Metadata