tool-inventory-init
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFE PROMPT_INJECTION
Full Analysis
- [INDIRECT_PROMPT_INJECTION]: The skill processes source code to generate semantic summaries for an AI-accessible cache.
  - Ingestion points: The script manage_tool_inventory.py extracts docstrings and full file content from the local repository.
  - Boundary markers: The prompt template in resources/prompts/rlm/rlm_summarize_tool.md lacks explicit delimiters or instructions to ignore embedded commands in the {content} variable.
  - Capability inventory: The skill has the capability to write configuration files and modify script headers throughout the repository.
  - Sanitization: No sanitization or safety-filtering is applied to the code content before it is processed by the summarization logic.
Audit Metadata