zoom-out
Pass
Audited by Gen Agent Trust Hub on May 16, 2026
Risk Level: SAFE (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
- [COMMAND_EXECUTION]: The skill uses subprocess.run to execute git commands and its own internal scripts (zoom_out_inventory.py, validate.py) for repository discovery and package validation. These operations are limited to the local environment and are consistent with the skill's stated purpose.
- [PROMPT_INJECTION]: The skill processes untrusted repository content through its inventory script. This creates an indirect prompt injection surface where malicious instructions inside scanned files could be reflected in the mapping output, although the tool employs structured formatting for its results.
- [SAFE]: No obfuscation, unauthorized network exfiltration, or persistence mechanisms were found. The skill's behavior matches its documentation and intended use case as a developer productivity tool.
Audit Metadata