ln-646-project-structure-auditor
Pass
Audited by Gen Agent Trust Hub on Apr 23, 2026
Risk Level: SAFE (EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
- [EXTERNAL_DOWNLOADS]: Fetches missing reference and shared configuration files from the author's official GitHub repository (levnikolaevich/claude-code-skills) via WebFetch.
- [COMMAND_EXECUTION]: Uses the Bash tool to perform directory scanning and file-based auditing operations.
- [PROMPT_INJECTION]: Processes untrusted filenames and file content from the scanned project, creating a surface for indirect prompt injection.
  - Ingestion points: Reads project configuration files (e.g., package.json, pyproject.toml) and source file names/paths using Read and Glob tools.
  - Boundary markers: The workflow does not define explicit delimiters to separate the content of audited files from the agent's internal instructions.
  - Capability inventory: The skill has access to Bash, Read, and Write tools during the analysis process.
  - Sanitization: There is no evidence of sanitization or validation of the data read from the audited codebase.
Audit Metadata