java-file-read-audit
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill performs automated scans of the local file system using shell commands like 'grep' and 'find' to identify high-risk Java code patterns such as 'FileInputStream', 'BufferedReader', and 'Files.readAllBytes'. This is a core functional requirement for the auditing process.
- [EXTERNAL_DOWNLOADS]: To support the analysis of compiled artifacts, the skill invokes an MCP tool to download the CFR Java decompiler. This download is a legitimate operational dependency for the skill's decompilation strategy.
- [PROMPT_INJECTION]: The skill uses strong instructional directives (e.g., 'CRITICAL', 'PROHIBITED') to ensure the agent performs a comprehensive audit. These do not constitute malicious injection as they do not target the agent's base safety constraints.
- [PROMPT_INJECTION]: As a code analysis tool, this skill presents an indirect prompt injection surface when processing untrusted Java source files.
  1. Ingestion points: Code files are read during the scanning and analysis phases.
  2. Boundary markers: None are explicitly implemented to isolate code content.
  3. Capability inventory: The skill has access to file system scanning and decompilation tools.
  4. Sanitization: No sanitization is performed on analyzed code snippets before they are processed by the agent.
Audit Metadata