index-knowledge
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: Employs standard shell utilities including 'find', 'awk', 'wc', and 'sed' to analyze project structure, file distribution, and directory complexity.
- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface because it reads untrusted data from the codebase to extract conventions from comments (e.g., 'DO NOT' or 'DEPRECATED').
- Ingestion points: Files within the target directory are identified and read via 'find' and 'Read' operations.
- Boundary markers: No explicit delimiters or guardrail instructions are provided to ensure agents ignore embedded commands within source code.
- Capability inventory: The skill is capable of bash execution, file system modification, and spawning parallel sub-agents.
- Sanitization: No sanitization or escaping of file content is performed prior to processing.
- [COMMAND_EXECUTION]: Dynamically constructs bash commands to calculate project scale indicators such as total files and lines, which subsequently dictates the number of additional tasks to be spawned.
Audit Metadata