Skills
skills/levnikolaevich/claude-code-skills/ln-637-test-structure-auditor/Gen Agent Trust Hub

ln-637-test-structure-auditor

Pass

Audited by Gen Agent Trust Hub on Mar 15, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it ingests and processes untrusted data from the repository being audited.
  • Ingestion points: The workflow parses testFilesMetadata and utilizes Glob and Grep to scan directory structures and file contents within the SKILL.md file's context.
  • Boundary markers: The instructions do not specify any delimiters or safety markers to differentiate between the auditor's logic and potentially malicious instructions embedded in the scanned files.
  • Capability inventory: The skill has access to Bash, Read, and Write tools (documented in SKILL.md), which provide a significant capability surface if the agent is manipulated via injected content.
  • Sanitization: No evidence of sanitization, escaping, or validation of the codebase data is present before the information is processed by the auditing logic.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 15, 2026, 09:02 PM