codebase-documenter
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE | PROMPT_INJECTION | COMMAND_EXECUTION
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill analyzes untrusted codebase content, creating a vulnerability surface for indirect prompt injection.
  - Ingestion points: Data is ingested by reading files via Glob, Grep, and Read tools.
  - Boundary markers: There are no explicit instructions for the agent to ignore or delimit embedded instructions within the analyzed codebase.
  - Capability inventory: The skill has access to Bash, Write, and Read capabilities.
  - Sanitization: No sanitization or content validation steps are mentioned.
- [Command Execution] (SAFE): The use of Bash is limited to metadata extraction tasks like git log and versioning, which is consistent with the skill's purpose and does not indicate malicious command injection or privilege escalation.
Audit Metadata