django-project-context
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFE
PROMPT_INJECTION, NO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface because it reads untrusted data from local project files like settings.py, models.py, and requirements.txt. Maliciously crafted content or comments within these files could potentially influence the agent's behavior during the context-gathering phase.
  - Ingestion points: Reads configuration and code from settings.py, requirements, models.py, and urls.py.
  - Boundary markers: No delimiters or directives to ignore embedded instructions within the processed files.
  - Capability inventory: The skill has the capability to write to the local filesystem (creating .agents/django-project-context.md).
  - Sanitization: No evidence of sanitization or validation of the ingested data before it is used.
- [NO_CODE]: The skill consists exclusively of markdown-based instructions for the AI agent and does not contain any executable scripts, binaries, or external code dependencies.