analyze-project
Pass
Audited by Gen Agent Trust Hub on May 10, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill maintains a read-only stance towards the target repository, restricting its write capabilities to a dedicated 'analysis_outputs' directory for results. This design prevents unintended or malicious modifications to the analyzed project code.
- [SAFE]: Source code inspection is performed using Python's `ast` module. By parsing files into an abstract syntax tree rather than executing them, the skill mitigates the risk of arbitrary code execution from malicious files within the repository.
- [SAFE]: The Python analysis script employs `yaml.safe_load()` for configuration parsing. This is a critical security best practice that prevents the execution of arbitrary Python objects during YAML deserialization.
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface because it processes untrusted data (repository files and user-provided context) which is then used by the agent for analysis and reporting.
- Ingestion points: The `analyze_project.py` script reads the full text of files within the target repository and an optional external context file (JSON/YAML).
- Boundary markers: No explicit boundary markers or isolation instructions are used when returning repository content to the agent context.
- Capability inventory: The skill has read/write file system access but is restricted to a specific output folder. It lacks network access, privilege escalation tools, or shell execution capabilities.
- Sanitization: The tool performs structural analysis (AST) but does not sanitize or filter the natural language content extracted from the repository before it is presented to the agent.
Audit Metadata