logic-extract
Pass
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes the Bash tool to search for repositories using the GitHub CLI (gh api) and to retrieve codebases via git clone. These actions are essential to its function of tracing logic across systems.\n- [EXTERNAL_DOWNLOADS]: The skill automatically retrieves remote codebases from GitHub based on discovery logic that identifies organizations from existing git remotes or user-provided names.\n- [PROMPT_INJECTION]: The skill processes untrusted code from external repositories, creating an inherent surface for indirect prompt injection where malicious instructions embedded in source code could influence agent behavior during analysis.\n
- Ingestion points: Phases 1, 2, and 3 involve reading and summarizing code from multiple repositories.\n
- Boundary markers: The instructions do not specify the use of delimiters or 'ignore' instructions when handling analyzed code content.\n
- Capability inventory: The skill utilizes tools with significant permissions including Bash, Write, and sub-agent delegation via the Agent tool.\n
- Sanitization: No explicit logic is described for sanitizing or validating the business logic extracted from external source code.
Audit Metadata