ln-645-open-source-replacer
Pass
Audited by Gen Agent Trust Hub on Apr 24, 2026
Risk Level: SAFE (EXTERNAL_DOWNLOADS, PROMPT_INJECTION, COMMAND_EXECUTION)
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructions direct the agent to download reference files and templates from the author's GitHub repository (github.com/levnikolaevich/claude-code-skills) if they are not available locally.
- [PROMPT_INJECTION]: The skill exposes an attack surface for indirect prompt injection because it ingests untrusted data from the user's codebase and uses it to drive search and fetch operations.
  - Ingestion points: Untrusted project code is read during the classification and goal extraction phases.
  - Boundary markers: There are no explicit markers or safety instructions to prevent the agent from being influenced by malicious content within the analyzed files.
  - Capability inventory: The skill uses tools like WebSearch, WebFetch, and Bash, which could be misused if an injection occurs.
  - Sanitization: No sanitization or validation of the extracted code functionality is specified before passing it to search tools.
- [COMMAND_EXECUTION]: The skill uses the Bash tool for routine file analysis tasks, specifically counting the number of lines in candidate files using the 'wc -l' command.