ln-612-semantic-content-auditor
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill requests the use of Bash, Grep, and Glob tools to navigate the repository and analyze the semantic content of documentation files. It also references other skills from the same author (levnikolaevich) using relative paths (e.g., ../ln-*).
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by ingesting and analyzing untrusted project documentation.
  * Ingestion points: The skill reads project-specific files such as docs/project/architecture.md, api_spec.md, and CLAUDE.md.
  * Boundary markers: There are no explicit delimiters or boundary markers used to separate document content from agent instructions.
  * Capability inventory: The skill utilizes Bash and has the ability to write reports to the file system.
  * Sanitization: No sanitization or filtering of the document content is performed prior to analysis.

  Mitigation: Wrap audited content in unique delimiters and provide explicit instructions to the agent to ignore any embedded directives or instructions within those delimiters.