code-investigator
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill includes a 'Dependency Auditor' subagent that executes shell commands such as
npm audit,npm outdated, andpip-auditto inspect the project environment. - [EXTERNAL_DOWNLOADS]: The audit workflow suggests using
npx depcheck, which involves downloading and running packages from external registries at runtime. - [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it processes untrusted content from the codebase being audited. Ingestion points: Reads project files, configuration, and documentation via the 'Explore' subagent. Boundary markers: No delimiters or specific instructions are used to distinguish untrusted data from the agent's core instructions. Capability inventory: The agent can execute shell commands, read the file system, and spawn specialized subagents. Sanitization: No sanitization is performed on the content of the analyzed files before it is processed by the LLM.
Audit Metadata