code-analyzer
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes shell commands (git, swift, xcodebuild, jq) via metadata triggers to collect project information and environment versions.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8) because it processes untrusted data (source code) with significant logic.
- Ingestion points: Uses Read, Grep, and Glob tools to ingest content from the local codebase.
- Boundary markers: No specific boundary markers or instructions are provided to the model to ignore instructions embedded within comments or strings of the analyzed code.
- Capability inventory: Includes shell execution for environment metadata gathering (git diff, swift --version, xcodebuild).
- Sanitization: No sanitization or filtering is applied to the ingested source code before it is presented to the agent for analysis.
Audit Metadata