ln-620-codebase-auditor

Pass

Audited by Gen Agent Trust Hub on Apr 13, 2026

Risk Level: SAFE, PROMPT_INJECTION
Full Analysis
  • [SAFE]: The skill operates as a high-level orchestrator within a defined audit framework. It utilizes local reference files for its runtime contracts and delegates analysis to related auditor skills within the same namespace.
  • [PROMPT_INJECTION]: As a codebase auditor, the skill exhibits a surface for indirect prompt injection due to its handling of untrusted project data and external research materials.
    1. Ingestion points: Source code files analyzed during Phase 1 (Discovery) and documentation or web results retrieved during Phase 2 (Research).
    2. Boundary markers: No explicit delimiters or instruction-bypass protections are defined within this coordinator file.
    3. Capability inventory: Orchestrates specialized sub-workers (e.g., security, dependencies, and code quality auditors) using the platform's Skill tool.
    4. Sanitization: There is no evidence of data sanitization or input validation for content ingested from the target codebase or research sources.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 13, 2026, 12:14 PM