takt-analyzer
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill processes external TAKT pieces, facets, and execution logs (SKILL.md), which creates a surface for indirect prompt injection. Ingestion points include piece YAML files and Markdown facets that are interpreted by the agent. A malicious workflow piece could attempt to influence the analyzer's behavior or reports. Capability inventory includes high-privilege tool usage (Bash, Edit) and network operations (WebFetch) described in piece definitions like default.yaml and deep-research.yaml. Boundary markers consist of structured YAML parsing, but instructions are interpolated into the agent context.
- [COMMAND_EXECUTION]: Workflow pieces defined and analyzed by the skill (e.g., dual.yaml, terraform.yaml) allow the use of the
BashandEdittools. These capabilities are necessary for the skill's primary purpose as an automated coding and IaC implementation assistant but represent a high-permission surface that relies on the underlying provider's sandbox integrity. - [EXTERNAL_DOWNLOADS]: The repertoire system (repertoire.md) facilitates the installation of external TAKT packages from GitHub repositories via the
ghCLI. The installation process includes security guardrails such as file size limits, file count restrictions, and path traversal validation using realpath resolution.
Audit Metadata