ln-627-diagnosability-auditor

Pass

Audited by Gen Agent Trust Hub on May 10, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [SAFE]: The skill implements a legitimate diagnostic audit workflow. It is restricted to reading codebase structures and writing findings to a designated output directory. The 'Do not auto-fix' rule explicitly prevents the agent from modifying the audited codebase.\n- [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection because its core function requires reading and verifying untrusted code from an external codebase.\n
  • Ingestion points: The agent ingests data from the project under audit using Read, Grep, and mcp__hex-line__read_file tools.\n
  • Boundary markers: The instructions do not define specific delimiters or 'ignore' directives to isolate the audited code content from the agent's logic.\n
  • Capability inventory: The skill possesses Bash, Write, and Read capabilities, which are used to search the project and generate markdown/JSON artifacts.\n
  • Sanitization: No explicit sanitization or filtering of the audited code is specified before the agent performs context verification.
Audit Metadata
Risk Level
SAFE
Analyzed
May 10, 2026, 10:52 AM
Security Audit — agent-trust-hub — ln-627-diagnosability-auditor