legacy-archaeologist
Pass
Audited by Gen Agent Trust Hub on Apr 7, 2026
Risk Level: SAFE COMMAND_EXECUTION PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted codebase content, creating a surface for indirect prompt injection.
  - Ingestion points: Reads source files (src/), test files (tests/), and generated archaeology reports as part of the discovery and documentation process (SKILL.md).
  - Boundary markers: No specific delimiters or instructions to ignore instructions embedded within the analyzed source code are defined.
  - Capability inventory: The skill utilizes shell commands including grep, wc, test, git, and executes project-specific test runners like npm test or pytest.
  - Sanitization: There is no explicit sanitization or filtering of external code content before it is processed by the agent.
- [COMMAND_EXECUTION]: The skill requires the agent to execute shell commands to analyze the project and verify refactoring steps.
  - Evidence: Includes the use of grep, wc, test, and git log to extract system metadata and verify file integrity in the 'Self-Verification Checklist'.
  - Context: Commands are used for local static analysis and ensuring the consistency of the refactoring process.
Audit Metadata