rfu-audit
Pass
Audited by Gen Agent Trust Hub on May 2, 2026
Risk Level: SAFE, PROMPT_INJECTION
Full Analysis
- [SAFE]: The skill operates as a purely analytical tool, reading project documentation to facilitate a structured review process. It saves audit results to a local ".planning" directory within the project, following standard development practices. All reported logic is instructional and follows security best practices for secret management and input validation.
- [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection because it ingests untrusted content from "README.md" and "package.json" into its analysis prompts (detailed in "guides/AUTO-ANALYZE.md"). However, this behavior is central to its purpose as a project auditing tool, and it includes grounding instructions to mitigate risks.
  - Ingestion points: Reads "README.md" and "package.json" from the provided project directory.
  - Boundary markers: Lacks explicit structural delimiters around interpolated file content in the auto-analyze prompt template.
  - Capability inventory: Accesses the filesystem to read project files and write audit reports using platform tools.
  - Sanitization: Employs explicit grounding constraints within the extraction prompt to restrict the AI to provided text.
Audit Metadata