naming
Pass
Audited by Gen Agent Trust Hub on Apr 12, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests and processes content from untrusted files within the codebase (such as README, package.json, and vision documents) to generate name candidates.\n- Ingestion points: Reads project materials at the provided codebase path to extract naming seeds.\n- Boundary markers: No explicit delimiters or instructions are used to isolate or ignore potentially malicious instructions within the ingested project files.\n- Capability inventory: The skill triggers a naming sub-agent that performs external lookups via web search, domain availability checks, and GitHub API.\n- Sanitization: No sanitization or validation of the data extracted from the project files is performed before it is processed by the agent.
Audit Metadata