trusty-search
Pass
Audited by Gen Agent Trust Hub on May 14, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill implements its stated code search functionality without any detected malicious patterns or unauthorized network communications. All network operations target localhost (127.0.0.1), which is a whitelisted network destination.
- [PROMPT_INJECTION]: The skill facilitates processing external codebase data which introduces an indirect prompt injection surface, particularly through the
chattool which synthesizes answers from retrieved code snippets. - Ingestion points: Files and directories indexed via the
create_index,reindex, andindex_filetools. - Boundary markers: None identified in the prompt instructions to delimit indexed content or warn the agent about embedded instructions.
- Capability inventory: Includes file system indexing tools and search/chat tools interacting with a local daemon at
127.0.0.1:7878. - Sanitization: No content sanitization or validation is described for the indexed data.
Audit Metadata