tech-debt-analyzer

Pass

Audited by Gen Agent Trust Hub on Mar 10, 2026

Risk Level: SAFE | PROMPT_INJECTION | COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests and processes untrusted natural language data from the analyzed codebase.
      • Ingestion points: Processes code comments, docstrings, and README files during the 'AI-Augmented Analysis' phase and via the pattern consistency scanner.
      • Boundary markers: The instructions lack explicit boundary markers or safety guidelines to ignore instructions embedded within the source code and documentation being analyzed.
      • Capability inventory: The skill possesses the ability to write state files to the local filesystem and execute local Python scripts, which could be targeted by a successful injection.
      • Sanitization: While the dashboard template employs basic HTML escaping, there is no evidence of sanitization for natural language instructions encountered during the scanning process.
  • [COMMAND_EXECUTION]: The skill executes local shell commands and Python scripts to perform its primary function.
      • Evidence: Invokes 'uv run python' to execute the complexity, dead code, dependency, and pattern scanners provided within the skill package.
      • Evidence: Executes 'mkdir -p' to initialize a local state directory at '~/.claude/tech-debt/' for baseline storage.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 10, 2026, 02:19 AM