performance
Pass
Audited by Gen Agent Trust Hub on Apr 10, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill directs the agent to run local Python scripts for structural code analysis. Evidence: Instructions to use
python .claude/scripts/code_graph query callers_of <function> --json. - [PROMPT_INJECTION]: Potential surface for Indirect Prompt Injection through processed files. Ingestion points:
docs/project-reference/domain-entities-reference.mdand codebase files. Boundary markers: Explicit instruction to check for[Injected: ...]headers. Capability inventory: Subprocess execution via local Python scripts and file writing toplans/reports/. Sanitization: No specific argument sanitization described for graph queries. - [SAFE]: The skill enforces mandatory evidence-based reasoning protocols, requiring
file:lineproof and minimum confidence thresholds (80%) for all recommendations, which effectively mitigates the risk of hallucinated or unverified optimization suggestions.
Audit Metadata