code-reader-v2-cn
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFE
Full Analysis
- [INDIRECT_PROMPT_INJECTION]: The skill is designed to ingest and analyze external source code. There is a potential risk of indirect prompt injection if a processed file contains malicious instructions designed to influence the agent's behavior.
- Ingestion points: Source code files are read using the 'Read' tool as described in the Parallel Deep Mode workflow in
SKILL.md. - Boundary markers: The instructions for sub-agents do not explicitly include boundary markers or 'ignore embedded instructions' warnings for the code content being analyzed.
- Capability inventory: The skill utilizes 'Read', 'Write', and 'Task' (sub-agent creation) tools.
- Sanitization: There is no explicit sanitization step for the code content before it is processed by the agent or sub-agents.
- [COMMAND_EXECUTION]: The skill uses automated tools for file system interaction ('Read' and 'Write') and agent orchestration ('Task'). These operations are limited to the intended purpose of project analysis and documentation generation within the agent's sandbox environment.
Audit Metadata