c3-query
Pass
Audited by Gen Agent Trust Hub on Feb 24, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill's behavior is consistent with its stated purpose of architectural navigation. It does not perform network operations, execute arbitrary code, or access sensitive system files.\n- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface because it reads and processes user-controlled project files. This is documented as a potential risk factor inherent to the skill's primary function.\n
- Ingestion points: Documentation in the .c3/ folder and source files in the src/ directory.\n
- Boundary markers: The skill uses a structured 'Skill Harness' and traversal rules, though it lacks explicit delimiters for raw data.\n
- Capability inventory: Limited to read-only tools (read, glob, grep).\n
- Sanitization: No specific filtering is performed on the ingested content.
Audit Metadata