full-codebase-migrator

Pass

Audited by Gen Agent Trust Hub on Apr 10, 2026

Risk Level: SAFE (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the Bash tool to execute local commands such as wc, find, and git log for metadata collection. These operations are restricted to project structure and history analysis and are aligned with the stated purpose of codebase migration planning.
  • [PROMPT_INJECTION]: This skill possesses an indirect prompt injection surface as it ingests untrusted codebase content to generate a migration plan.
      • Ingestion points: Source files and configuration files are ingested via the Read and Agent tools (SKILL.md, Step 1c).
      • Boundary markers: No explicit boundary markers or instructions to ignore embedded instructions are specified when reading the codebase.
      • Capability inventory: The skill has access to Bash for command execution and Write for file modification, representing a capability tier that could be targeted via injection.
      • Sanitization: There is no evidence of sanitization or validation of the ingested code content before it is processed by the model.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 10, 2026, 05:26 PM