map-codebase
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is a dedicated documentation tool that operates by reading local project files and writing markdown reports to a specific internal directory (
.planning/codebase/). No indicators of malicious activity such as data exfiltration, credential theft, or unauthorized persistence were found. - [PROMPT_INJECTION]: There is a minimal risk of indirect prompt injection because the skill's 'Explore' subagents process untrusted content from the codebase being mapped. Malicious instructions embedded in source code comments could theoretically attempt to manipulate the generated documentation.
- Ingestion points: Four subagents scan all codebase files, including configuration and source files, as defined in
workflow.md. - Boundary markers: The subagent prompts do not currently include explicit instructions or delimiters to distinguish between code content and potential instructions.
- Capability inventory: The skill utilizes the Task tool to spawn background agents and the file system to write generated documentation.
- Sanitization: No explicit sanitization or filtering is performed on the data extracted from the codebase before it is written to the markdown templates.
Audit Metadata