pentest-whitebox-code-review
Pass
Audited by Gen Agent Trust Hub on Feb 18, 2026
Risk Level: SAFE | PROMPT_INJECTION | EXTERNAL_DOWNLOADS
Full Analysis
- [Prompt Injection] (LOW): The skill is vulnerable to indirect prompt injection from audited source files and external content. Ingestion points include untrusted source files provided via 'source_path' and remote files via 'sourcemap_extract'. No boundary markers or 'ignore' instructions are defined to protect the agent's reasoning from instructions embedded in analyzed code. The capability inventory includes execution of static analysis tools and generation of exploitation payloads, which could be misdirected by malicious code comments.
- [External Downloads] (LOW): The 'sourcemap_extract' tool allows the agent to make outbound network requests to arbitrary URLs to fetch JavaScript source maps without a domain whitelist.