elixir-expert
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill contains instructions for a 'Memory Protocol' that directs the agent to execute 'cat .claude/context/memory/learnings.md' at the start of a session to maintain context across resets.
- [COMMAND_EXECUTION]: The agent is granted the 'Bash' tool, which is used to support development activities but allows for general command execution within the agent's environment.
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it is designed to ingest and analyze untrusted source code.
- Ingestion points: The skill reads external files using the 'Read', 'Grep', and 'Glob' tools (SKILL.md).
- Boundary markers: No delimiters or protective instructions are defined in the 'Instructions' section to isolate the content of analyzed files from the agent's system logic.
- Capability inventory: The skill has broad capabilities including 'Bash', 'Write', and 'Edit' tools, which could be abused if malicious instructions embedded in reviewed code are followed.
- Sanitization: No sanitization or safety checks are performed on the data ingested from the file system during the code review process.
Audit Metadata