Skills
skills/jeo-tech-ai/oh-my-unity3d/codebase-search/Gen Agent Trust Hub

codebase-search

Pass

Audited by Gen Agent Trust Hub on Mar 9, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill requests and uses the Bash tool to execute grep, glob, and git commands. This allows for deep codebase inspection but provides the agent with a broad attack surface for arbitrary command execution on the host system.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it reads and analyzes content from files within a codebase. Ingestion points: Files are read via Read and Grep tools (SKILL.md). Boundary markers: There are no explicit instructions to use delimiters or ignore instructions embedded within the files being searched. Capability inventory: The skill has access to Read, Grep, Glob, and Bash tools. Sanitization: Content retrieved from the codebase is not sanitized before being processed by the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 9, 2026, 11:59 AM