context-bundler

Pass

Audited by Gen Agent Trust Hub on Apr 3, 2026

Risk Level: SAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes the Bash tool to execute its internal Python scripts (bundle.py, bundle_zip.py, and manifest_manager.py) for manifest management and bundle generation. These scripts use only Python standard library modules and do not require external dependencies.
  • [PROMPT_INJECTION]: The core functionality of aggregating untrusted project files into a single document creates an attack surface for indirect prompt injection. Malicious instructions within the source files could influence the behavior of an AI model that consumes the generated bundle.
      • Ingestion points: File contents are read from the project directory by scripts/bundle.py and scripts/bundle_zip.py based on user-defined manifests.
      • Boundary markers: scripts/bundle.py wraps file contents in markdown code blocks to separate them within the final artifact.
      • Capability inventory: The skill has the ability to read project files, write new documents, and execute shell commands through the Bash tool.
      • Sanitization: No explicit detection or neutralization of instructions is performed on the ingested file contents.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 3, 2026, 06:09 PM