codebase-management

Pass

Audited by Gen Agent Trust Hub on Apr 29, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The management tools include the ability to send termination signals (SIGTERM) to processes that hold locks on the codebase index, as described in the codebase_stop tool in references/tool-reference.md.
  • [EXTERNAL_DOWNLOADS]: The skill facilitates the setup of indexing infrastructure by pulling Docker images and downloading embedding models from well-known technology providers such as Docker and Ollama.
  • [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface by ingesting and indexing external project files which could contain malicious instructions.
      • Ingestion points: codebase_index, codebase_update, and codebase_context_index (defined in references/tool-reference.md) read data from user-specified project paths.
      • Boundary markers: The instructions do not define specific delimiters or warnings to the agent to disregard instructions found within the indexed codebase files.
      • Capability inventory: The skill has the capability to read any file in the provided path, manage local processes, and communicate with external or local vector database and embedding services.
      • Sanitization: No sanitization or validation of the ingested file content is specified before the data is indexed.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 29, 2026, 04:22 PM