code-trace
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill analyzes and explains untrusted source code. Malicious instructions hidden within the code (e.g., in comments) could potentially influence agent behavior during the tracing process.\n
- Ingestion points: Project configuration (package.json) and source files are read from the project root.\n
- Boundary markers: The skill uses structured step formats and thinking markers to delimit analysis, but does not explicitly sanitize code content against prompt injection.\n
- Capability inventory: Utilizes
scripts/detect-framework.shand Serena MCP tools for file searching, code reading, and state management.\n - Sanitization: There is no mention of filtering or sanitizing instructions found within the code being traced.\n- [COMMAND_EXECUTION]: The skill executes a local vendor-provided script,
scripts/detect-framework.sh, to identify the project framework. This script performs standard file read operations to determine the environment.
Audit Metadata