audit-2
Warn
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: MEDIUMDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [DATA_EXFILTRATION]: File 'a' contains the sensitive system file path '/etc/hosts'. The inclusion of system configuration paths in an undocumented file suggests potential reconnaissance or unauthorized data access attempts.
- [PROMPT_INJECTION]: The skill's intended purpose of auditing codebases presents a risk of indirect prompt injection (Category 8). Malicious instructions within the audited data could override agent behavior. * Ingestion points: External codebase content referenced in SKILL.md. * Boundary markers: None present in the provided files. * Capability inventory: Implied file reading and analysis tools for auditing tasks. * Sanitization: No evidence of input validation or sanitization logic.
Audit Metadata