reverse-engineering-specs
Pass
Audited by Gen Agent Trust Hub on Apr 2, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: Indirect Prompt Injection vulnerability surface. Although the skill is designed for documentation, the processing of untrusted codebases creates a risk where malicious instructions embedded in the code (e.g., in comments or strings) could influence the agent's behavior. \n
- Ingestion points: The skill ingests and analyzes an "existing codebase" (SKILL.md, Phase 1). \n
- Boundary markers: The skill lacks explicit instructions or delimiters (such as XML tags or specific markdown blocks) to help the agent distinguish between the skill's instructions and the content of the analyzed files. \n
- Capability inventory: The skill uses the
Agenttool withsubagent_type="Explore"and can deploy up to 500 subagents, providing a high-autonomy execution environment for the analysis. \n - Sanitization: No sanitization, escaping, or validation of the input code is specified before the content is interpreted by the agent or subagents.
Audit Metadata