Pass
Audited by Gen Agent Trust Hub on May 3, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the agent to install the 'tree-sitter-language-pack' package using the 'uv' package manager. This is a legitimate and well-known dependency required for the skill's code analysis capabilities.
- [COMMAND_EXECUTION]: The skill includes two Python scripts, 'gather.py' and 'check.py', which perform file system reads to extract code structure and validate symbol references. These scripts are intended for execution in a developer environment to assist with documentation workflows.
- [INDIRECT_PROMPT_INJECTION]: As a tool designed to ingest and summarize external codebases, there is a theoretical surface for indirect prompt injection. Malicious comments or strings within a scanned repository could attempt to influence the agent's interpretation during the synthesis phase. This is an inherent risk in any codebase orientation or summarization tool.
  - Ingestion points: 'scripts/gather.py' and 'scripts/check.py' read source files from a user-specified repository path.
  - Boundary markers: The output from 'gather.py' uses markdown headers and code blocks to separate different codebase elements.
  - Capability inventory: The skill uses file system reads and provides structured output for the agent; it does not execute the code it scans.
  - Sanitization: The scripts use standard file reading and tree-sitter parsing; they do not specifically filter for prompt injection patterns in the source text.
- [DYNAMIC_EXECUTION]: The scripts 'gather.py' and 'check.py' dynamically locate and import the 'tree-sitting' skill engine by searching through a set of predefined platform-specific paths (e.g., /mnt/skills/user/tree-sitting/scripts) and modifying the system path at runtime.