analyze-code
Pass
Audited by Gen Agent Trust Hub on Mar 17, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill invokes an external consultant CLI to process code files. While the source of this CLI is not explicitly defined in the skill files, the operation is consistent with the stated purpose of code analysis.
- [EXTERNAL_DOWNLOADS]: The installation command in the metadata fetches the skill definition from a GitHub repository (raw.githubusercontent.com). This is a standard and safe operation for skill distribution.
- [PROMPT_INJECTION]: As the skill ingests and analyzes local source code, it is theoretically susceptible to indirect prompt injection if a file being analyzed contains malicious instructions designed to influence the consultant agent's output. Users should be aware of this inherent risk when analyzing untrusted codebases.
Audit Metadata