sc-analyze
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill is designed to ingest and analyze untrusted source code, which serves as a potential vector for indirect prompt injection.
  - Ingestion points: The target argument allows the agent to read arbitrary files via Glob and Read commands as defined in the execution steps.
  - Boundary markers: The instructions do not define specific delimiters or instructions to prevent the agent from obeying commands embedded within the analyzed code.
  - Capability inventory: Capabilities are restricted to read-only operations (Glob, Grep, Read); no file-write, network, or arbitrary command execution capabilities are present in the skill definition.
  - Sanitization: No explicit sanitization or filtering of the file content is performed before analysis.