dead-code-sweep
Warn
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: MEDIUMCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes arbitrary, project-defined scripts (e.g., build, lint, typecheck) during the Phase 4 verification step. This can lead to the execution of malicious code if the target project's configuration (like package.json or Makefile) is compromised or malicious.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection by ingesting and processing untrusted code, comments, and documentation from the repository being analyzed. This data is used to drive the agent's logic for reporting and proposed code deletions.
- Ingestion points: Phase 1 (Inventory) and Phase 2 (Detection) read the entire target codebase, including source files and configuration.
- Boundary markers: No specific delimiters or instructions to ignore embedded instructions in the analyzed code are utilized.
- Capability inventory: The skill possesses capabilities for file deletion, file writing (reporting), and arbitrary command execution (build/verification).
- Sanitization: There is no evidence of sanitization or filtering of external content before it is interpolated into the agent's context or reports.
- [COMMAND_EXECUTION]: Utilizes shell utilities including
grep,glob, andgitto analyze file contents and repository history.
Audit Metadata