silent-failure-hunter
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface as it is designed to ingest and process untrusted external data (source code).
- Ingestion points: The skill utilizes
Read,Glob, andGrepto access and analyze the contents of external files. - Boundary markers: The instructions lack requirements for delimiters or specific system instructions to ignore commands potentially embedded within the audited code.
- Capability inventory: The skill is granted access to high-privilege tools including
Bash,TodoWrite, andTask. - Sanitization: There is no evidence of logic intended to sanitize or escape file content before it is processed by the AI agent.
Audit Metadata