reconnaissance
Pass
Audited by Gen Agent Trust Hub on Apr 26, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is designed to survey and summarize content from the local codebase (structure, dependencies, and documentation), which creates a surface for indirect prompt injection. Malicious instructions embedded in these surveyed files could influence the agent's behavior during the synthesis of the reconnaissance dossier.
- Ingestion points: Target codebase structure, existing tests, dependency files (package.json, requirements.txt, go.mod), and internal Markdown files located in the
docs/gangsta/directory. - Boundary markers: The skill lacks explicit instructions or delimiters to help the agent distinguish between its own instructions and the potentially adversarial data found in the surveyed files.
- Capability inventory: The skill performs extensive file system read operations and writes synthesized reports to the local file system.
- Sanitization: There is no evidence of validation or sanitization of the extracted content before it is processed into the final dossier.
Audit Metadata