reatom-extension-candidates
Pass
Audited by Gen Agent Trust Hub on May 18, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it is designed to ingest and process arbitrary code from a target codebase.
- Ingestion points: The skill reads and analyzes existing codebase files (referenced in
SKILL.md). - Boundary markers: The instructions lack explicit delimiters or markers to help the agent distinguish between its instructions and content found within the analyzed files.
- Capability inventory: The skill has access to the
Bashandreadtools, providing a pathway for command execution or further file system access if malicious instructions in the code were to be obeyed. - Sanitization: No sanitization or filtering logic is provided to validate the content of the files before they are processed by the agent.
Audit Metadata