cm
Pass
Audited by Gen Agent Trust Hub on Jun 20, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [SAFE]: The skill consists exclusively of markdown documentation and usage examples. No security risks were identified in the instructions provided.
- [NO_CODE]: This skill does not include any scripts, binaries, or configuration files. It acts as a guide for the agent to use an existing CLI tool available in the environment.
- [PROMPT_INJECTION]: The tool parses local codebase content (functions, classes, comments). This creates a surface for indirect prompt injection if the analyzed code contains adversarial text designed to influence the agent. However, given the skill's purpose as a developer aid and its lack of high-privilege capabilities like network access, this is considered a standard operational risk rather than a malicious finding.
Audit Metadata