codebase-audit-pre-push
Pass
Audited by Gen Agent Trust Hub on Apr 14, 2026
Risk Level: SAFE
Full Analysis
- [INDIRECT_PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it reads and processes the entire codebase (untrusted data) and has the capability to modify or delete files. Malicious instructions embedded in the source code being audited could potentially influence the agent's actions.
- Ingestion points: The agent is instructed to "Review the entire codebase file by file" and "Read the code carefully" (SKILL.md).
- Boundary markers: The skill does not provide any specific delimiters or instructions to ignore potential commands embedded within the audited source files.
- Capability inventory: The skill grants the agent the power to "Delete these immediately" (OS files, logs, temp files), "Fix issues right away", "Update .gitignore", and "make the necessary changes" across the filesystem (SKILL.md).
- Sanitization: There is no mechanism described to sanitize or validate the content of the files before the agent processes them as instructions.
Audit Metadata