agentlens
Pass
Audited by Gen Agent Trust Hub on May 15, 2026
Risk Level: SAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [SAFE]: No malicious patterns or security risks were identified. The skill instructions focus on standard codebase exploration and documentation navigation patterns.
- [COMMAND_EXECUTION]: The skill references a CLI command `agentlens` used for regenerating documentation files. This is a functional tool within the skill's intended purpose and does not involve arbitrary or unsafe command execution patterns.
- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface because it is designed to ingest and process documentation files located within external codebases.
- Ingestion points: Markdown files within the `.agentlens/` directory (e.g., `INDEX.md`, `MODULE.md`, `outline.md`).
- Boundary markers: The instructions do not include specific delimiters or warnings to ignore instructions embedded in the ingested documentation content.
- Capability inventory: The skill utilizes file reading capabilities to interpret codebase structure and navigate symbols.
- Sanitization: No sanitization of the content found within the documentation files is described.
Audit Metadata