feature-investigator
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [SAFE] (SAFE): No malicious patterns, command executions, or persistence mechanisms were identified in the skill documentation.
- [NO_CODE] (SAFE): The skill contains no executable scripts (Python, JavaScript, etc.), reducing the risk of runtime malicious behavior.
- [Indirect Prompt Injection] (SAFE): There is a surface for indirect prompt injection as the agent is tasked with reading external code files. 1. Ingestion points: Codebase files and git history. 2. Boundary markers: Absent in the instructions. 3. Capability inventory: Read-only file access and search tools. 4. Sanitization: None specified. This risk is inherent to the skill's primary function of code investigation.
Audit Metadata