acquire-codebase-knowledge
Pass
Audited by Gen Agent Trust Hub on Apr 14, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes a bundled Python script (
scripts/scan.py) to gather codebase metadata. This script usessubprocess.runwith argument lists to invokegitcommands (e.g.,git log,git rev-parse), preventing shell injection. \n- [PROMPT_INJECTION]: The skill processes content from the target codebase, which serves as a surface for indirect prompt injection. \n - Ingestion points: Source files, configuration, and scan results containing comments and metadata are read by the agent. \n
- Boundary markers: The instructions lack delimiters or specific instructions to ignore embedded commands in analyzed content. \n
- Capability inventory: The agent can create files in
docs/codebase/and execute the local analysis script. \n - Sanitization: Data from the codebase is processed without filtering or validation.
Audit Metadata