project-context-ingestion
Pass
Audited by Gen Agent Trust Hub on Jun 24, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill identifies and analyzes standard project configuration files such as Gradle build scripts, Spring properties, and Docker manifests. This is a core function used to determine technical compatibility and does not involve unauthorized data access or transmission.
- [PROMPT_INJECTION]: The skill ingests untrusted data from the repository's source files, which presents a surface for indirect prompt injection. Ingestion points: Build files, properties, and manifests in the target repository. Boundary markers: Not explicitly implemented. Capability inventory: No file-write, shell execution, or network communication capabilities across the provided scripts. Sanitization: No specific filtering of ingested text is performed.
Audit Metadata