project-analyzer
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it parses and analyzes untrusted data from user-provided codebases, including manifest files and source code.
- Ingestion points: Project files are ingested via the Read, Glob, and Grep tools during the 11-step analysis process.
- Boundary markers: The instructions do not specify any delimiters or safety markers to prevent the agent from obeying instructions embedded within the analyzed project files.
- Capability inventory: The skill has access to Bash, Read, Glob, Grep, and subprocess spawning (via spawn in main.cjs).
- Sanitization: There is no documented logic for sanitizing or escaping the content of project files before they are processed by the agent.
- [COMMAND_EXECUTION]: The skill uses the Bash tool and Node.js child_process.spawn to run analysis scripts (analyzer.mjs) and package manager utilities like npm audit and npm outdated. This allows the skill to execute commands in the project's shell environment based on the results of its automated discovery.
Audit Metadata