audit
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface. It reads source code and project metadata from the target repository and includes this content in prompts sent to multiple specialized sub-agents.\n
- Ingestion points: Code files are read and processed during the detection and audit phases.\n
- Boundary markers: The prompts used to invoke sub-agents do not employ specific delimiters or instructions to ignore embedded instructions within the audited code.\n
- Capability inventory: The skill can write files, commit to git, and create tasks via the TaskCreate tool.\n
- Sanitization: No sanitization of the ingested code content is performed before it is processed by the LLM reviewer agents.\n- [COMMAND_EXECUTION]: The skill executes several shell commands for project analysis. It runs npm audit and pip-audit for vulnerability scanning and uses npx -y knip for dead code detection. It also executes a vendor-provided script scripts/cleanup-orphaned-agents.sh for process management.
Audit Metadata