agent-native-audit
Pass
Audited by Gen Agent Trust Hub on Mar 30, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill defines a structured workflow for auditing a codebase against agent-native architecture principles. It does not contain any malicious instructions, obfuscation, or unauthorized access attempts.
- [DATA_EXPOSURE]: The audit involves searching for API service files, data models, and prompts. These activities are limited to the local environment for the purpose of generating a report and do not show signs of exfiltration.
- [PROMPT_INJECTION]: The skill exhibits surface for indirect prompt injection as it ingests untrusted codebase data. Evidence: 1. Ingestion points: local codebase files (API services, tool definitions). 2. Boundary markers: absent. 3. Capability inventory: codebase exploration and report formatting. 4. Sanitization: absent. Given the analytical use case, this is a standard risk factor for auditing tools.
Audit Metadata