security-review

Pass

Audited by Gen Agent Trust Hub on Mar 21, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is designed to ingest and analyze untrusted source code provided by users, which creates a surface for indirect prompt injection. An attacker could embed malicious instructions within the source code to be audited, potentially manipulating the agent's behavior.
    • Ingestion points: User-provided source code, diffs, and component files specified in the skill scope.
    • Capability inventory: The skill allows the use of powerful tools including Bash, Task, Read, Grep, and Glob.
    • Boundary markers: No specific boundary markers or isolation techniques are instructed for processing untrusted code content.
    • Sanitization: The instructions do not include steps to sanitize or filter user-provided code for malicious agent-targeting instructions.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 21, 2026, 09:42 AM