code-search

Pass

Audited by Gen Agent Trust Hub on May 17, 2026

Risk Level: SAFE (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • [PROMPT_INJECTION]: The skill facilitates searching and reading from the codebase and PDF documents, creating a surface for indirect prompt injection where malicious instructions in files could influence the agent.
      • Ingestion points: Content retrieved from the codebase via exec:codesearch and Read (SKILL.md).
      • Boundary markers: Absent; there are no instructions to use delimiters or ignore instructions within search results.
      • Capability inventory: The skill has access to exec:codesearch, Read, and exec:nodejs (SKILL.md).
      • Sanitization: Absent; the skill does not specify any validation or filtering of the content read from files.
  • [COMMAND_EXECUTION]: The instructions suggest using exec:nodejs to execute fs.readdirSync for directory listings. This allows for dynamic execution of JavaScript code to interact with the local filesystem.
Audit Metadata
Risk Level: SAFE
Analyzed: May 17, 2026, 10:31 AM