production-readiness-audit
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGHPROMPT_INJECTION
Full Analysis
- [Indirect Prompt Injection] (HIGH): The skill processes untrusted codebase content which acts as a primary vector for indirect prompt injection. \n
- Ingestion points: Reads all files within a target codebase (source code, configs, docs). \n
- Boundary markers: None mentioned in documentation to separate code from instructions. \n
- Capability inventory: Recursive file read access to the entire codebase; file write access for report generation in
docs/audits/. \n - Sanitization: No mention of content sanitization or instruction filtering for processed files. \n- [Data Exposure] (MEDIUM): The tool is designed to access sensitive infrastructure definitions, security configurations, and access control files, which increases the impact if the agent is compromised via the codebase content.
Recommendations
- AI detected serious security threats
Audit Metadata