ln-654-resource-lifecycle-auditor
Pass
Audited by Gen Agent Trust Hub on Mar 8, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill references the Mermaid.js library from the JSDelivr CDN in diagram.html for generating workflow diagrams. This is a trusted and well-known service.
- [COMMAND_EXECUTION]: The skill uses Bash and Grep to locate code patterns. These actions are restricted to auditing tasks and do not represent a privilege escalation or unsafe command execution risk.
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface as it processes untrusted codebase files to perform its audit.
- Ingestion points: The skill accesses code via Read, Grep, and Glob tools.
- Boundary markers: The skill does not define explicit delimiters to isolate scanned content from its internal logic.
- Capability inventory: The skill can execute Bash searches and write report files.
- Sanitization: The skill does not apply specific sanitization to the audited code snippets before processing them.
Audit Metadata