deep-context
Pass
Audited by Gen Agent Trust Hub on Mar 18, 2026
Risk Level: SAFEPROMPT_INJECTIONDATA_EXFILTRATION
Full Analysis
- [PROMPT_INJECTION]: The skill uses directive language ('MUST consult', 'Rules override conservative behaviors') to alter the agent's default operational constraints. This is a common pattern for overriding system-level instructions.\n- [DATA_EXFILTRATION]: Rule 1 ('Whole-File Reading') mandates reading entire files by default. This behavior increases the risk of exposing sensitive data (e.g., configuration files or environment variables) that might otherwise be partially read or summarized.\n- [PROMPT_INJECTION]: The instructions to read full dependency graphs and callers increase the surface area for processing untrusted data.\n
- Ingestion points: External files accessed via Read, Glob, and Grep tools as specified in SKILL.md.\n
- Boundary markers: None identified. The skill does not provide delimiters or instructions to ignore embedded directives in the files it reads.\n
- Capability inventory: The skill is designed to guide 'Read', 'Edit', and 'Build' operations across multiple files as referenced in the YAML frontmatter and Rules 1-5.\n
- Sanitization: None identified. The skill prioritizes loading raw source code into context to avoid losing nuance.
Audit Metadata