code-quality

Pass

Audited by Gen Agent Trust Hub on Apr 21, 2026

Risk Level: SAFE
Findings: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to execute shell and Elixir scripts from a specific local directory (~/.claude/scripts/elixir-phoenix-guide/). This includes run_analysis.sh for full project scans and code_quality.exs for targeted file analysis. These commands are integral to the skill's primary function of code auditing.
  • [PROMPT_INJECTION]: The skill possesses a vulnerability surface for indirect prompt injection (Category 8) because it processes potentially untrusted source code and provides analysis results back to the agent context.
    • Ingestion points: External source files defined by the file patterns **/*.ex and **/*.heex (SKILL.md).
    • Boundary markers: Absent; there are no specific instructions to use delimiters or to disregard embedded natural-language instructions within the code files being analyzed.
    • Capability inventory: The skill allows local command execution via bash and Elixir scripts (SKILL.md), which process the content of the ingested files.
    • Sanitization: No sanitization or validation of the source code content is performed before analysis or before reporting results to the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 21, 2026, 12:48 PM