code-registry
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFE
Flags: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill workflow directs the agent to execute shell commands provided by the vendor's API through the next_steps.commands field during the local analysis phase.
- [EXTERNAL_DOWNLOADS]: The Python script poll_vault_status.py and the skill instructions initiate network requests to integrator.app.thecoderegistry.com to manage accounts and poll for analysis completion.
- [PROMPT_INJECTION]: The skill processes external analysis reports and findings, creating a surface for indirect prompt injection where malicious content in the codebase or report could influence the agent's summary and recommendations.
- Ingestion points: get-code-vault-results and get-code-vault-reports API responses parsed in SKILL.md and scripts/poll_vault_status.py.
- Boundary markers: No explicit delimiters or instructions to ignore embedded commands are present in the prompt templates.
- Capability inventory: Shell command execution (next_steps.commands) and network requests to the vendor API.
- Sanitization: The skill lacks explicit sanitization or validation of the text content received from the API before it is interpreted by the agent.
Audit Metadata