astro-6
Pass
Audited by Gen Agent Trust Hub on Apr 3, 2026
Risk Level: SAFEPROMPT_INJECTIONREMOTE_CODE_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill defines a mandatory workflow requiring the use of specific sub-agents and tools for exploration and validation, which overrides standard agent behavior.\n- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface as it is designed to analyze local codebase content and external search data.\n
- Ingestion points: Local project files and external research results from Exa and Context7.\n
- Boundary markers: No delimiters or instructions are provided to the agent to treat ingested data as untrusted content.\n
- Capability inventory: Includes codebase analysis, tool execution, and agent orchestration.\n
- Sanitization: No specific sanitization or filtering logic is defined for the processed data.\n- [REMOTE_CODE_EXECUTION]: The documentation provides instructions for using package managers to download and execute tools from the official Astro registry.
Audit Metadata