techdebt-finder

Pass

Audited by Gen Agent Trust Hub on Mar 12, 2026

Risk Level: SAFE, PROMPT_INJECTION
Full Analysis
  • [SAFE]: The skill uses local command-line tools such as grep, find, git, and awk to perform static analysis of codebases. These patterns are defined in the reference files and are used to identify code smells such as duplicates, dead code, and magic numbers, which directly align with the skill's stated purpose. No risky dynamic execution or external network operations were detected.
  • [PROMPT_INJECTION]: The skill exposes a surface for indirect prompt injection by processing untrusted data from the user's codebase. Ingestion points: Content is read from .ts files via bash scripts in references/detection-patterns.md. Boundary markers: Absent; the agent is given no instructions for distinguishing code from embedded malicious instructions. Capability inventory: The agent uses Read, Grep, Glob, and Bash for file system analysis. Sanitization: Content is not sanitized or filtered before the agent analyzes it. Note: This is assessed as safe because the capabilities are restricted to analysis and the skill does not exhibit any active exploitation patterns.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 12, 2026, 05:26 AM