analyze
Pass
Audited by Gen Agent Trust Hub on Feb 23, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill operates using standard platform primitives, specifically
ToolSearchandask_codex. It performs no direct command execution or file system modifications and contains no obfuscated content or hardcoded secrets. The use of subagents likeoh-my-claudecode:architectaligns with its documented purpose for investigative reasoning.- [PROMPT_INJECTION]: The skill presents a surface for indirect prompt injection as it processes codebase files and interpolates them into prompts for analysis by secondary agents. This is an expected risk for analysis tools. - Ingestion points: Local source code files identified by the
exploreagent or manually passed via thecontext_filesparameter. - Boundary markers: Absent in the skill instructions; it relies on the downstream tools to differentiate between analysis instructions and file content.
- Capability inventory: Routing capabilities to
ask_codexand thearchitectsubagent, which are controlled environment features. - Sanitization: Relies on the native safety guardrails of the platform's LLM models.
Audit Metadata