comment-analyzer
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it processes untrusted data from code comments.
- Ingestion points: The skill reads external code content using the
ReadandGreptools. - Boundary markers: There are no specific delimiters or instructions provided to the agent to distinguish between the analyzed text and its own instructions, nor any directive to ignore embedded commands.
- Capability inventory: The skill has access to
BashandTodoWritetools, providing a path for command execution or file system modification if an injection is successful. - Sanitization: No sanitization, escaping, or validation logic is defined for the input content.
- [COMMAND_EXECUTION]: The skill explicitly allows the use of the
Bashtool. While intended for code analysis tasks, this capability provides a powerful execution environment that could be abused by malicious content found within the code comments being analyzed.
Audit Metadata