techdebt

Pass

Audited by Gen Agent Trust Hub on Apr 30, 2026

Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the Bash tool to execute commands for codebase analysis, specifically uv run ruff. While ruff is a reputable tool, the use of Bash combined with user-supplied paths via $ARGUMENTS presents a potential command injection surface if the paths are not correctly escaped by the execution environment.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it reads and processes external codebase files. Maliciously crafted content (e.g., instructions in comments or string literals) within the code could influence the agent's logic during analysis.
      • Ingestion points: The skill ingests codebase data using the Read, Grep, and Glob tools.
      • Boundary markers: No explicit markers are defined to help the agent distinguish between its instructions and the data it is processing.
      • Capability inventory: The skill has access to Bash, Read, Grep, and Glob tools.
      • Sanitization: There is no evidence of sanitization or filtering of the ingested file content.
  • [EXTERNAL_DOWNLOADS]: The troubleshooting section includes a command to install the ruff package using uv add. This fetches the package from the official Python package registry (PyPI), which is a well-known and trusted service.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 30, 2026, 03:19 PM