project-analysis
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (LOW): The skill possesses a surface for indirect prompt injection as it ingests untrusted data from a codebase. Ingestion points: Local project files such as README.md, package.json, requirements.txt, and source code are accessed via Read, Grep, and Bash tools. Boundary markers: Absent. The instructions do not define delimiters or provide explicit warnings for the agent to ignore instructions embedded within the analyzed files. Capability inventory: The skill allows use of Bash, Read, Grep, and Glob. While example commands are read-only (ls, cat, grep), the Bash tool itself provides a broad execution capability that could be manipulated if the agent follows instructions found within an analyzed file. Sanitization: Absent. There is no mechanism to escape, validate, or filter the content of the files before the agent processes them.
Audit Metadata