Skills
skills/lllllllama/ai-paper-reproduction-skills/analyze-project/Gen Agent Trust Hub

analyze-project

Pass

Audited by Gen Agent Trust Hub on Apr 4, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill identifies entrypoints and code patterns in a repository, which presents a surface for indirect prompt injection.
  • Ingestion points: The scripts/analyze_project.py script reads directory structures and file contents from the target repository path provided via the --repo argument.
  • Boundary markers: The generated reports (SUMMARY.md, RISKS.md) do not utilize delimiters or specific instructions to isolate untrusted repository metadata from the agent context.
  • Capability inventory: The skill possesses file system read and write capabilities for local analysis but lacks network access or subprocess execution of the analyzed content.
  • Sanitization: Filenames and structural metadata are included in the final analysis output without escaping or validation, allowing crafted project structures to influence the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 4, 2026, 11:13 AM