deslop

Pass

Audited by Gen Agent Trust Hub on Mar 22, 2026

Risk Level: SAFE, PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill exposes an indirect prompt injection surface by ingesting and processing untrusted source code from the repository being scanned.
      • Ingestion points: Files are discovered and read using 'find', 'grep', and the 'Read' tool across the codebase to calculate metrics and detect patterns (SKILL.md).
      • Boundary markers: The skill lacks specific delimiters or instructions to the agent to disregard any commands or instructions found within the scanned source files.
      • Capability inventory: The agent has access to 'Bash' for command execution and 'Write' for file generation, which could be exploited if an injection is successful (SKILL.md).
      • Sanitization: There is no evidence of filtering or sanitization of the file content before the agent evaluates it for health scoring.
  • [COMMAND_EXECUTION]: The skill utilizes the 'Bash' tool to perform repository analysis via commands such as 'find', 'wc', 'grep', and 'go mod tidy'. These commands are used to gather diagnostic data like line counts and dependency health, which is consistent with the skill's primary purpose.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 22, 2026, 01:34 PM