university-project-review
Pass
Audited by Gen Agent Trust Hub on Apr 28, 2026
Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes several shell commands including find, grep, cat, and xargs to inspect the project structure, detect technology stacks, and analyze source code for quality evaluation. These commands are executed locally and are aligned with the skill's stated purpose of project auditing.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8) because it ingests and processes untrusted files from the project directory, such as README.md and various source code files.
  - Ingestion points: Untrusted data enters the agent context via files like README.md, package.json, and source code files (.ts, .tsx, .jsx, .css) during both the orientation and category review phases.
  - Boundary markers: The skill does not employ specific delimiters or system instructions to distinguish between the skill's operational logic and the untrusted content being read.
  - Capability inventory: The skill has permissions to execute shell commands for system inspection and write access to the current working directory to create the REVIEW.md report.
  - Sanitization: Content retrieved from external project files is not sanitized, escaped, or validated before being included in the LLM's context for analysis.
Audit Metadata