agentlens
Pass
Audited by Gen Agent Trust Hub on Feb 22, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill instructs the agent to read and follow instructions/data from the
.agentlens/directory within a codebase. A malicious repository could place hidden instructions in these files to redirect the agent's behavior. - Ingestion points:
.agentlens/INDEX.md,modules/{slug}/MODULE.md,modules/{slug}/outline.md,modules/{slug}/memory.md,modules/{slug}/imports.md,files/{slug}.md. - Boundary markers: Absent; no specific delimiters or warnings are provided to the agent to treat this data as untrusted.
- Capability inventory: File reading and execution of the
agentlenscommand. - Sanitization: Absent; the skill does not suggest any validation or filtering of the documentation content.
- [Command Execution] (LOW): The skill suggests regenerating documentation using an external
agentlenscommand. While it does not provide an automated installation script, it relies on this external binary being present in the environment.
Audit Metadata