assay
Pass
Audited by Gen Agent Trust Hub on Apr 10, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: No malicious patterns, exfiltration attempts, or unauthorized command executions were detected in the skill's logic or prompt templates.
- [PROMPT_INJECTION]: The skill processes potentially untrusted codebase context within its evaluator prompt, representing an indirect injection surface. 1. Ingestion points: The 'context' parameter in SKILL.md. 2. Boundary markers: The evaluator prompt uses markdown headers to separate data. 3. Capability inventory: Limited to disk-mediated dispatch and text synthesis; no direct shell or network capabilities. 4. Sanitization: Context is interpolated without escaping, though the output is restricted to a strictly validated JSON schema.
Audit Metadata