Skills
skills/getsentry/dotagents/django-access-review/Gen Agent Trust Hub

django-access-review

Pass

Audited by Gen Agent Trust Hub on Apr 3, 2026

Risk Level: SAFE
Full Analysis
  • [INDIRECT_PROMPT_INJECTION]: The skill is designed to ingest and analyze untrusted external codebases provided by the user. This creates a surface for indirect prompt injection if the code being scanned contains malicious instructions intended to mislead the agent. However, the instructions emphasize rigorous code tracing and verification before reporting, which acts as a procedural safeguard.
  • Ingestion points: Uses Read, Grep, and Glob tools to ingest Python and Django source files.
  • Boundary markers: None explicitly defined in the instructions for the code content itself.
  • Capability inventory: Access to Bash and Task tools allows for command execution, while Read allows file access.
  • Sanitization: No explicit sanitization of input code is performed by the skill; it relies on the agent's analytical capabilities.
  • [COMMAND_EXECUTION]: The skill utilizes the Bash and Grep tools to search for authorization patterns within the codebase. These commands are static, localized to the project directory, and used solely for information gathering during a security audit.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 3, 2026, 02:21 PM