cpp
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The `SKILL.md` file defines a 'Memory Protocol' that requires the agent to execute a bash command (`cat .claude/context/memory/learnings.md`) at the beginning of each interaction. While intended for state persistence, this is a mandatory execution of a command on the local filesystem.
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection (Category 8) due to the nature of its core functionality.
  - Ingestion points: The skill processes a wide range of source code files (`**/*.cpp`, `**/*.h`, `**/*.cc`, etc.) as defined in the global configuration.
  - Boundary markers: The instructions do not define delimiters or specific 'ignore' rules for instructions that may be embedded within the source code being analyzed.
  - Capability inventory: The agent is granted access to high-privilege tools including `Bash`, `Write`, `Edit`, and `Read`.
  - Sanitization: There is no evidence of sanitization or filtering to prevent the agent from obeying instructions hidden within code comments or string literals in the processed files.
Audit Metadata