cb-ask
Pass
Audited by Gen Agent Trust Hub on May 15, 2026
Risk Level: SAFENO_CODEPROMPT_INJECTION
Full Analysis
- [SAFE]: No malicious commands, obfuscation, or exfiltration patterns were found. The skill adheres to its stated purpose of gathering information through dialogue.
- [NO_CODE]: The skill is composed solely of instructions for the AI agent and does not include or execute any code or scripts.
- [PROMPT_INJECTION]: While the skill ingests project context, which is a surface for indirect prompt injection, it is restricted to an 'ask only' mode that prevents harmful execution. 1. Ingestion points: Project documentation (Step 1). 2. Boundary markers: None specified. 3. Capability inventory: Textual questioning and skill recommendation. 4. Sanitization: None.
Audit Metadata