recipe-reverse-engineer
Pass
Audited by Gen Agent Trust Hub on Apr 7, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill processes external codebase content which presents a surface for indirect prompt injection. This risk is mitigated by the design of the workflow, which includes a dedicated code-verification stage using a scoring system and optional human review points to validate agent outputs against the source code implemented.
- [DATA_EXFILTRATION]: While the skill reads and processes local codebase files, it does so within the scope of documentation generation. There are no network operations, external data transmissions, or evidence of credential harvesting patterns.
- [COMMAND_EXECUTION]: The orchestrator uses platform-specific tools for task registration and sub-agent delegation. It does not perform direct shell command execution, subprocess spawning, or unsafe script evaluation.
Audit Metadata