business-logic-extractor
Pass
Audited by Gen Agent Trust Hub on Mar 23, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes shell commands such as
findandcatto locate and inspect files within the project directory. This behavior is fundamental to its purpose of identifying domain entities, validation logic, and business rules. - [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests and processes untrusted source code and comments from the project environment. Maliciously crafted content within these files could attempt to influence the agent's summary or extraction process.
- Ingestion points: Source code, configuration files (e.g.,
.env.example,*config*), and test files discovered during the Phase 1 scan. - Boundary markers: None identified. The skill does not use specific delimiters to separate untrusted codebase content from its own instructional context.
- Capability inventory: The skill performs filesystem read access across the codebase and executes shell commands for file discovery. It generates a markdown document and saves it to the repository root or the agent's output directory.
- Sanitization: No validation or sanitization steps are specified for the content extracted from the project files before it is processed or incorporated into the final report.
Audit Metadata