Skills
skills/athola/claude-night-market/file-analysis/Gen Agent Trust Hub

file-analysis

Pass

Audited by Gen Agent Trust Hub on May 12, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection via the files it analyzes.
  • Ingestion points: File system metadata (directory names, file names) and project manifest files like package.json, Cargo.toml, or pyproject.toml are read during execution.
  • Boundary markers: Absent. There are no instructions to the agent to ignore or delimit embedded commands found within the analyzed file structures.
  • Capability inventory: The skill uses the Bash tool to execute commands like find, wc, and tree, which could be influenced by malicious content in the codebase being mapped.
  • Sanitization: No sanitization or validation is applied to the data retrieved from the file system or manifest files.
Audit Metadata
Risk Level
SAFE
Analyzed
May 12, 2026, 03:18 PM