iterative-retrieval
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No security issues were detected. The skill provides architectural guidance and pseudo-code for context optimization without implementing dangerous operations or network calls.
- [PROMPT_INJECTION]: The skill's primary function is to retrieve and process external files from a codebase, which inherently presents an indirect prompt injection surface. However, this is the intended use case for a retrieval pattern and no specific vulnerabilities or safety bypasses are present in the skill's instructions. 1. Ingestion points: Codebase files identified via user-defined patterns in SKILL.md. 2. Boundary markers: None specified in the pattern template. 3. Capability inventory: File reading and searching. 4. Sanitization: None provided in the conceptual logic.
Audit Metadata