skills/levnikolaevich/claude-code-skills/ln-623-duplication-overabstraction-auditor/Gen Agent Trust Hub
ln-623-duplication-overabstraction-auditor
Pass
Audited by Gen Agent Trust Hub on May 10, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill ingests untrusted data from the target codebase, creating a vulnerability surface for indirect prompt injection where malicious instructions in audited files could attempt to influence the agent's behavior.
- Ingestion points: Project source code and directory structures read via Read, Grep, Glob, Bash, and various MCP tools (SKILL.md, Workflow steps 3 and 4).
- Boundary markers: The instructions lack specific requirements for delimiters or 'ignore embedded instructions' warnings when the agent interpolates file content into its context.
- Capability inventory: The skill possesses Bash (shell execution), Read (file system access), and advanced code-graph analysis capabilities across its script set.
- Sanitization: No explicit sanitization or validation of codebase content is mentioned before the analysis phase.
Audit Metadata