threat-modeling
Pass
Audited by Gen Agent Trust Hub on Feb 18, 2026
Risk Level: SAFE
Full Analysis
- Indirect Prompt Injection (LOW): The skill's primary function is to ingest and analyze untrusted data from external files, creating a vulnerability surface where malicious content in those files could influence the agent's behavior.
  - Ingestion points: The skill utilizes 'Read', 'Glob', and 'Grep' tools to access external codebase files and system architectures for analysis.
  - Boundary markers: The instructions do not specify the use of delimiters or 'ignore instructions' markers when processing file content.
  - Capability inventory: The agent is granted 'Write' access to the filesystem and advanced reasoning capabilities via 'mcp__sequential-thinking__*', which could be misused if the agent is compromised via injection.
  - Sanitization: There is no requirement or logic provided for sanitizing, escaping, or validating the content of the files before they are processed by the agent.