declare
Pass
Audited by Gen Agent Trust Hub on Mar 15, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests untrusted data from codebase files.
- Ingestion points: Step 1 and Step 2 instructions direct the agent to read
README,package.json,pyproject.toml,go.mod, and other configuration files from the project codebase. - Boundary markers: No specific delimiters or instructions to ignore embedded commands are provided for the scanned content.
- Capability inventory: The skill allows the agent to write an
interf.yamlfile (SKILL.md) to the project root and provide a natural language summary. - Sanitization: No sanitization or validation of the extracted data is specified before it is used to generate the contract.
- [NO_CODE]: The skill consists entirely of markdown instructions and does not include or reference any executable scripts, binaries, or external code packages.
Audit Metadata