zoom-out
Pass
Audited by Gen Agent Trust Hub on May 8, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is a directive framework for the agent to summarize architectural patterns in a codebase. It uses built-in read-only tools like Read, Grep, and Glob.
- [PROMPT_INJECTION]: The skill represents a surface for indirect prompt injection because it processes untrusted data from the codebase being analyzed. However, the risk is negligible as it lacks any tools for data exfiltration or system modification.
- Ingestion points: Local codebase files accessed via Read and Grep tools.
- Boundary markers: None specified for external content interpolation.
- Capability inventory: Limited to read-only codebase navigation; no network access or file-writing tools are requested or configured.
- Sanitization: Content is analyzed as-is without specific sanitization steps.
Audit Metadata