skills/somtougeh/dotfiles/ast-grep/Gen Agent Trust Hub

ast-grep

Pass

Audited by Gen Agent Trust Hub on Mar 29, 2026

Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill provides instructions for the agent to execute the ast-grep CLI tool. It includes examples for running ast-grep scan and ast-grep run on the local project directory to find code patterns. Evidence: SKILL.md contains multiple shell command examples for the ast-grep utility.
  • [PROMPT_INJECTION]: The skill identifies a surface for indirect prompt injection as it processes natural language queries and codebase content. Ingestion points: User queries and project source code (SKILL.md). Boundary markers: The skill employs YAML rule objects and CLI-specific delimiters to separate commands from patterns. Capability inventory: The skill performs local file analysis and CLI command execution. Sanitization: Instructions are provided to escape shell metavariables to prevent injection during CLI usage.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 29, 2026, 07:09 AM