blast-radius
Pass
Audited by Gen Agent Trust Hub on Jul 2, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes the
jbcontextandghcommand-line interfaces to discover repositories, perform semantic code searches, and retrieve repository metadata. These commands are integral to the skill's purpose of analyzing the 'blast radius' of code changes.- [PROMPT_INJECTION]: The workflow incorporates an indirect prompt injection surface by reading and acting upon data contained inCLAUDE.mdandAGENTS.mdfiles within the target project. Maliciously crafted data in these files could influence the agent's behavior or parameters used in subsequent tool calls. - Ingestion points: Project-level documentation files (
CLAUDE.md,AGENTS.md). - Boundary markers: The skill uses specific HTML comments (
<!-- blast-radius-repos-start -->) to locate data, but it does not instruct the agent to ignore potentially malicious instructions embedded in the rest of the file. - Capability inventory: Execution of shell commands via
jbcontextandgh, including API calls to GitHub. - Sanitization: There is no explicit sanitization of the
git-remote-urlvalues extracted from external files before they are interpolated into shell command strings.
Audit Metadata