codecontext-setup
Pass
Audited by Gen Agent Trust Hub on Mar 28, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill facilitates an indirect prompt injection surface by instructing agents to process '@context' annotations within repository files. This data enters the agent context and can influence its reasoning or actions.
- Ingestion points: Repository source code and documentation files via '@context' markers.
- Boundary markers: No explicit delimiters or 'ignore' instructions are provided for the annotation content to prevent embedded command overrides.
- Capability inventory: The agent has the ability to execute shell commands via npx and modify repository files.
- Sanitization: The skill does not prescribe sanitization or validation for the annotations.
- [COMMAND_EXECUTION]: The skill directs the agent to run CLI tools such as '@recallnet/codecontext-cli' using npx. These commands are consistent with the installation and use of the author's own software for repository analysis and reporting.
Audit Metadata