analyze-project
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- Indirect Prompt Injection (LOW): The skill is designed to ingest and summarize untrusted data from project directories, which could contain malicious instructions embedded in comments or documentation.
- Ingestion points: Processes arbitrary project files, including configuration files (
package.json,Cargo.toml,pyproject.toml) and source code files. - Boundary markers: Absent. The instructions do not specify the use of delimiters or 'ignore' instructions for the content being read.
- Capability inventory: File-write (the skill is instructed to save reports to
docs/analysis/). - Sanitization: Absent. There is no mention of escaping or validating the content extracted from the project files before writing them to the report.
- Instruction Inconsistency (SAFE): The skill contains a contradiction between the 'READ-ONLY' constraint and the 'SAVE REPORT' instruction. While this is primarily a logic issue, it confirms the agent's intent to perform file-system write operations.
Audit Metadata