Skills
skills/involvex/skills/index-knowledge/Gen Agent Trust Hub

index-knowledge

Pass

Audited by Gen Agent Trust Hub on Apr 3, 2026

Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses local shell commands including find, wc, awk, sed, sort, and uniq to analyze the project's directory structure, file counts, and code concentration by extension.
  • [DYNAMIC_EXECUTION]: Employs parallel Task agents to perform concurrent discovery of project patterns, entry points, and conventions. This is a standard architectural pattern for complex codebase analysis within this platform.
  • [INDIRECT_PROMPT_INJECTION]: The skill processes untrusted data from the codebase (such as comments and existing documentation) to generate summaries. While this presents a surface for indirect prompt injection, the risk is limited to the accuracy of the generated documentation rather than system compromise.
  • [DATA_EXPOSURE]: The skill reads project configuration files (e.g., .eslintrc, pyproject.toml, AGENTS.md) and source code to extract conventions and insights. All operations are local to the repository and no network exfiltration paths were found.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 3, 2026, 06:22 PM
Security Audit — agent-trust-hub — index-knowledge