clean-code-size
Pass
Audited by Gen Agent Trust Hub on Apr 24, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8) based on its core workflow.
  - Ingestion points: In Step 4 of SKILL.md, the agent is instructed to read oversized files from a user-provided target_path in full.
  - Boundary markers: The skill does not define specific delimiters or security warnings to prevent the agent from accidentally obeying instructions embedded in the code files being analyzed.
  - Capability inventory: The skill utilizes a Python script (scripts/report_large_files.py) to perform non-destructive file-system scanning and line counting; it does not request network access or shell execution tools.
  - Sanitization: No sanitization or escaping is performed on the ingested file content before the agent processes it for architectural review.
Audit Metadata