blueprint
Pass
Audited by Gen Agent Trust Hub on Apr 21, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill involves reading codebase content and project memory, which introduces an attack surface for indirect prompt injection from untrusted data sources. However, the skill lacks executable capabilities that would allow for exploitation. • Ingestion points: Codebase scanning and project memory access described in SKILL.md. • Boundary markers: None identified. • Capability inventory: No executable code, subprocesses, or network operations are defined within the skill. • Sanitization: No sanitization or validation of external data is specified.
- [EXTERNAL_DOWNLOADS]: The skill's documentation includes references to external GitHub repositories (antbotlab/blueprint) for installation and examples. These are standard informational links and do not involve runtime downloads by the agent.
Audit Metadata