search-codebase
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill requires the installation of the filesift Python package and utilizes established embedding models from Jina AI and Nomic for semantic indexing.
- [COMMAND_EXECUTION]: The skill uses the Bash tool to execute command-line operations for indexing and searching code via the filesift utility, with access restricted to that specific tool.
- [PROMPT_INJECTION]: The skill presents a surface for indirect prompt injection by incorporating content from indexed codebase files into the agent's context. Ingestion points: Content retrieved from the codebase via the filesift find command (SKILL.md). Boundary markers: The instructions do not include markers or warnings to isolate processed file content from the agent instructions. Capability inventory: The agent's capabilities include executing filesift commands via the Bash tool (SKILL.md). Sanitization: No sanitization of the codebase content is described or implemented before the data is processed by the agent.
Audit Metadata