brooks-audit
Pass
Audited by Gen Agent Trust Hub on Apr 30, 2026
Risk Level: SAFE
Findings: PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill ingests untrusted data from the codebase, creating a surface for indirect prompt injection.
- Ingestion points: Project manifests (package.json, go.mod, etc.) and source code files read during the discovery phase.
- Boundary markers: Absent. The instructions do not define delimiters or ignore-rules for the analyzed content.
- Capability inventory: Glob and Grep are used for filesystem discovery, and the agent generates text and Mermaid reports.
- Sanitization: Absent. The skill analyzes raw code structure without specific escaping or validation of the ingested strings. This is a standard risk for architectural analysis tools.
Audit Metadata