configure-dead-code
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes the Bash tool to perform system discovery (using find and pwd), install development dependencies, and execute static analysis tools locally.
- [EXTERNAL_DOWNLOADS]: The skill downloads development tools and packages from standard, well-known registries including npm, PyPI (via uv), and crates.io (via cargo). It also uses WebFetch to retrieve versioning information and documentation from official tool websites such as knip.dev and GitHub repositories of the respective tools.
- [PROMPT_INJECTION]: The skill is subject to indirect prompt injection vulnerabilities as it ingests and processes untrusted project data (e.g., package.json, pyproject.toml, Cargo.toml).
- Ingestion points: Reads contents of manifest and configuration files from the project workspace to detect languages and tool settings.
- Boundary markers: No explicit delimiters or instructions are provided to the agent to treat data from these files as untrusted content.
- Capability inventory: The skill has access to Bash for arbitrary command execution, Write/Edit for file system modification, and WebFetch for network requests.
- Sanitization: There is no evidence of sanitization or strict schema validation performed on the contents of the ingested configuration files before they are used to inform agent actions.
Audit Metadata