codebase-auditor
Pass
Audited by Gen Agent Trust Hub on Mar 18, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is designed to analyze external codebases, which constitutes a surface for indirect prompt injection where malicious instructions embedded in code comments or files could attempt to manipulate the auditor's findings.
- Ingestion points: All files within the provided repository (SKILL.md).
- Boundary markers: The prompt uses structured evidence tags ('Observed', 'Inferred', 'Not verifiable') to separate data from analysis, but lacks explicit instructions for the agent to ignore commands within the audited content.
- Capability inventory: Deep repository analysis and web-based research for dependency versions (SKILL.md).
- Sanitization: No automated sanitization or explicit 'ignore previous instructions' directives are provided for handling user-supplied code content.
Audit Metadata