researching-codebase

Pass

Audited by Gen Agent Trust Hub on Mar 28, 2026

Risk Level: SAFE
Findings: PROMPT_INJECTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: The skill processes codebase and documentation files, which serve as a potential vector for indirect prompt injection if those files contain malicious instructions.
  • Ingestion points: Content is ingested from the codebase using the Read tool during the Decomposition and Research phases.
  • Boundary markers: The skill lacks explicit boundary markers or 'ignore' instructions for the data it processes, although it does instruct agents to remain objective documentarians.
  • Capability inventory: The agent has the ability to execute git and GitHub CLI commands, write files to the research directory, and perform web searches if requested.
  • Sanitization: There are no mechanisms described for sanitizing or filtering input gathered from the files before it is processed by the LLM.
  • [COMMAND_EXECUTION]: The skill uses the git and gh (GitHub CLI) tools to retrieve branch information and repository metadata. These commands are executed to create valid GitHub permalinks for the generated research documents.
  • [EXTERNAL_DOWNLOADS]: The skill optionally uses a web-search agent to find external resources and documentation if the user specifically requests it, though the behavior is gated by user intent.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 28, 2026, 10:17 PM
Security Audit — agent-trust-hub — researching-codebase