ln-641-pattern-analyzer

Pass

Audited by Gen Agent Trust Hub on Mar 8, 2026

Risk Level: SAFE | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill performs local file system searches using Glob and Grep to find pattern implementations. These operations are restricted to specific programming language file extensions and are a core part of the code analysis workflow.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it reads and processes the content of untrusted source code files during its analysis phase. Malicious instructions placed in code comments could potentially manipulate the agent's scoring logic or the contents of the generated report.
      • Ingestion points: Reads files found in the local directory using Read(file) in Phase 2.
      • Boundary markers: No delimiters or instructions to ignore embedded commands are used when reading file content.
      • Capability inventory: The skill has capabilities to read and write files, and execute glob and grep searches.
      • Sanitization: No sanitization or validation of the analyzed code content is performed before processing.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 8, 2026, 11:56 PM