llm-artifacts-detection
Pass
Audited by Gen Agent Trust Hub on May 9, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill consists of documentation and instructional prompts. No executable scripts, binaries, or shell commands are present within the skill's files.\n- [PROMPT_INJECTION]: Indirect Prompt Injection Analysis (Category 8):\n
- Ingestion points: The skill's prompts instruct an agent to analyze arbitrary codebase content, including source code, test files, and comments, which are untrusted data sources.\n
- Boundary markers: The prompts in SKILL.md do not include explicit delimiting boundaries or directives to ignore instructions embedded within the code being analyzed.\n
- Capability inventory: The skill logic does not perform or request any high-risk capabilities such as file system writes, network requests, or shell command execution.\n
- Sanitization: No sanitization or filtering of the codebase content is performed before the analysis takes place.\n
- Assessment: Although an indirect prompt injection surface is present due to the nature of code analysis, the risk is negligible as the skill lacks any capabilities that could be exploited to cause side effects.
Audit Metadata