code-analyzer
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- PROMPT_INJECTION (LOW): Indirect Prompt Injection surface detected via codebase markers.
- Ingestion points:
scripts/scan-codebase.shextracts text from source files usinggrepfor markers likeAICODE-NOTE. - Boundary markers: Absent. The agent receives extracted text without delimiters or instructions to treat it as untrusted data.
- Capability inventory: The skill is granted
Bash (*)andReadpermissions, creating a risk if the agent's logic is hijacked by injected instructions. - Sanitization: No sanitization is applied to the extracted comment text before it reaches the agent.
- COMMAND_EXECUTION (SAFE): The skill runs a local script
scripts/scan-codebase.sh. Analysis shows it is a well-behaved utility for gathering project metadata and does not perform network requests or unauthorized file modifications.
Audit Metadata