dive
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill establishes a workflow for analyzing external project data, creating a surface for indirect prompt injection (Category 8). An attacker could place malicious instructions in documentation or code comments to influence the agent's behavior during a 'dive'.
- Ingestion points: The skill directs the agent to read various project files including source code, documentation, and configuration files across the directory structure.
- Boundary markers: There are no instructions within the skill for the agent to use protective delimiters or specific 'ignore embedded instructions' warnings when processing file content.
- Capability inventory: The workflow relies on file-reading and search tools (such as grep, glob, and read) to perform its investigation.
- Sanitization: The skill does not prescribe any sanitization or validation of the data retrieved from project files before it is processed by the agent.
Audit Metadata