graph-blast-radius
Pass
Audited by Gen Agent Trust Hub on Apr 10, 2026
Risk Level: SAFE
Findings: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the Bash tool to execute a local Python script (.claude/scripts/code_graph) for various tasks like calculating blast radius, tracing dependencies, and querying the code graph. This is the primary functional mechanism of the skill.
- [INDIRECT_PROMPT_INJECTION]: The skill processes untrusted data from the local repository (specifically filenames and git changes) and interpolates them into bash command strings.
  - Ingestion points: filenames and class/function names derived from the local source code and git diffs.
  - Boundary markers: none present; values are directly interpolated into command lines.
  - Capability inventory: the skill has access to the Bash tool, enabling arbitrary command execution on the host system.
  - Sanitization: there is no explicit instruction to sanitize or escape these identifiers before they are passed to the shell, which could lead to command injection if a file is maliciously named (e.g., "; rm -rf / .js").
Audit Metadata