blast-radius
Pass
Audited by Gen Agent Trust Hub on Jun 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill provides instructions for standard software engineering and auditing tasks, such as performing impact analysis (blast radius) on code diffs and PRs. It emphasizes evidence-based reasoning and local testing over assumptions.\n- [PROMPT_INJECTION]: The skill is exposed to a potential indirect prompt injection surface because it processes untrusted external data while having the capability to execute code.\n
- Ingestion points: The agent is instructed to read pull request bodies, commits, and code diffs in SKILL.md (Step 1).\n
- Boundary markers: No specific boundary markers or instructions to ignore embedded commands within the processed data are defined.\n
- Capability inventory: The skill explicitly directs the agent to write and execute scripts or tests that import library code to verify safety assumptions in SKILL.md (Step 5).\n
- Sanitization: No input sanitization or validation for the ingested data is mentioned, though it does include a best-practice instruction to strip private data before making information public.
Audit Metadata