project-analysis
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFE PROMPT_INJECTION COMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to use common system utilities such as `ls`, `cat`, `grep`, `tree`, and `git` to inspect project files and history.
- [COMMAND_EXECUTION]: It includes the `npm test` command, which triggers execution of scripts defined in the target project's configuration files.
- [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection by reading and interpreting data from external, potentially untrusted codebases.
  * Ingestion points: Commands like `cat README.md` and `cat package.json` in SKILL.md bring external content into the agent's context.
  * Boundary markers: The skill does not employ delimiters or specific instructions to help the agent distinguish between its own instructions and content found in the analyzed files.
  * Capability inventory: The agent has access to filesystem tools and the ability to execute local project scripts (`npm test`) as seen in SKILL.md.
  * Sanitization: There is no logic to sanitize or filter the content of the files being read before the agent processes them.