sast-detekt
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- Indirect Prompt Injection (SAFE): The skill is designed to ingest and analyze external Kotlin source code.
  1. Ingestion points: Local files at <src-path>.
  2. Boundary markers: Absent.
  3. Capability inventory: Execution of detekt CLI and Gradle tasks.
  4. Sanitization: Absent.
  However, the use case is security auditing, making this surface expected and safe.
- Command Execution (SAFE): The commands provided (detekt and ./gradlew) are standard tools for the described task and do not involve unauthorized privilege escalation or obfuscated execution.
Audit Metadata