code-auditor
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION] (LOW): The skill utilizes Bash to run external linters and coverage tools. While this is necessary for its primary purpose of auditing code, the ability to execute shell commands represents a significant capability that should be monitored.
- [PROMPT_INJECTION] (LOW): (Category 8: Indirect Prompt Injection) The skill is explicitly designed to ingest and process untrusted data from external codebases. * Ingestion points: The Read, Grep, and Explore tools are used to pull content from files in the codebase being audited. * Boundary markers: No explicit delimiters or 'ignore instructions' warnings are defined in the skill to wrap the ingested code. * Capability inventory: The skill has access to Bash for command execution and Read for file system access. * Sanitization: There is no mention of sanitizing or filtering the content of the files before the agent analyzes them, relying on the underlying model's safety guardrails.
Audit Metadata