prop-drill
Pass
Audited by Gen Agent Trust Hub on Apr 29, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill's core logic involves searching and reading local source code files (.tsx, .ts) to identify prop definitions and usage. It does not access sensitive system files or credentials.
- [PROMPT_INJECTION]: The skill analyzes external data in the form of the user's source code. This represents a surface for indirect prompt injection if malicious instructions were placed in code comments. However, the skill provides specific output templates (tables, Mermaid flowcharts), which help the agent maintain focus on the analytical task.
- [EXTERNAL_DOWNLOADS]: The skill includes optional workflows to search for architectural patterns and documentation using well-known services like 'exa' and 'context7'. These operations are used purely for informational purposes and align with the stated goal of providing improvement suggestions.
Audit Metadata