code-antipatterns
Pass
Audited by Gen Agent Trust Hub on Feb 23, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill is configured to use
Bash(sg *)andBash(rg *)for executingast-grepandripgrep. These tools are used to search the local filesystem for specific code patterns. This behavior is consistent with the skill's primary purpose of code analysis.\n- [PROMPT_INJECTION]: The skill has an attack surface for indirect prompt injection because it reads and processes untrusted source code from the local environment.\n - Ingestion points: Local source files (.js, .ts, .vue, .py) located using
findand searched usingrgandsg.\n - Boundary markers: Absent; the skill does not implement delimiters or provide instructions to the agent to ignore potential commands embedded in the files being analyzed.\n
- Capability inventory: Execution of bash-based analysis tools, task management, and file reading.\n
- Sanitization: Absent; there is no evidence of validation or sanitization of file content before it is passed to the AI agent for interpretation.
Audit Metadata