dependency-analyzer
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill implements a persistent 'Memory Protocol' that mandates the use of shell commands to read and write state. Specifically, it instructs the agent to execute 'cat .claude/context/memory/learnings.md' at the start of sessions and to modify files within the '.claude/context/memory/' directory to track patterns, issues, and decisions.
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface (Category 8). Ingestion points: The skill reads local dependency files (e.g., package.json, requirements.txt, go.mod) and fetches external changelog content via web search tools. Boundary markers: There are no specified delimiters or instructions to ignore embedded commands within the ingested data. Capability inventory: The skill has access to powerful tools including 'Bash', 'Write', 'Edit', and 'Read'. Sanitization: There is no evidence of sanitization or validation of the external content before it is processed by the agent, creating a risk if malicious instructions are embedded in package names or changelogs.
Audit Metadata