security-audit
Pass
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes untrusted source code which could contain malicious instructions meant to subvert the auditor's logic.
- Ingestion points: The tool ingests code from files across the project repository using Grep, Glob, and Read operations.
- Boundary markers: The skill lacks explicit delimiters or instructions to treat the analyzed code strictly as data, increasing the risk of the agent obeying instructions hidden in comments or strings.
- Capability inventory: The agent has access to Bash, Write, and AskUserQuestion tools, which could be misused if an injection is successful.
- Sanitization: No sanitization or filtering of the scanned content is performed before the agent processes and interprets the results.
Audit Metadata