feature-radar-scan
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFE, PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes data from external, untrusted sources (e.g., GitHub issues, Reddit, community forums), which introduces a surface for indirect prompt injection. Maliciously crafted content in these external sources could attempt to influence the agent's behavior during the scan and evaluation process.
  - Ingestion points: External content gathered from User signals and Community conversations as defined in the Workflow section.
  - Boundary markers: The skill does not define specific delimiters or instructions to ignore embedded commands within the external data.
  - Capability inventory: The skill performs file read/write operations within the .feature-radar/ directory and executes codebase searches.
  - Sanitization: No sanitization or validation of the external content is specified before it is evaluated against the 6 criteria.
Audit Metadata