analyze
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill does not contain instructions attempting to bypass safety filters or override agent behavior. The instructional text is focused on project analysis and user configuration.
- [DATA_EXFILTRATION]: While the skill reads sensitive files like
.env.exampleand manifests (e.g.,package.json,requirements.txt), it does so strictly for tech stack detection and documentation purposes. There are no network operations or exfiltration patterns detected. It specifically includes path traversal protection by stopping directory searches at the.gitroot. - [COMMAND_EXECUTION]: The skill utilizes common shell utilities (e.g.,
find,grep,cat,ls,wc) for static analysis of the codebase. These commands are used to count files, detect frameworks, and extract metadata. No high-risk commands likesudoor unauthorized modifications were found. - [REMOTE_CODE_EXECUTION]: The skill does not download or execute remote scripts. It references standard package managers (e.g.,
npm,pip,go) for optional dependency upgrades in 'Brownfield' mode, which target official registries. - [EXTERNAL_DOWNLOADS]: No external URLs or remote assets are fetched during the analysis process.
- [INDIRECT_PROMPT_INJECTION]: As a codebase analyzer, the skill ingests untrusted data from the user's project files. It implements boundary markers (e.g., using
headto limit output) and focuses on metadata extraction rather than executable interpolation, though the risk is inherently low for this utility type.
Audit Metadata