understand-domain
Pass
Audited by Gen Agent Trust Hub on May 13, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: Resolves the project root and manages git worktrees using standard shell commands for persistent data storage.
- [COMMAND_EXECUTION]: Executes a bundled Python script to scan the project locally for entry points and structural metadata.
- [PROMPT_INJECTION]: The skill processes untrusted project files which constitutes an indirect prompt injection surface. Ingestion points: source and metadata files scanned by the extraction script. Boundary markers: none mentioned for sub-agent input. Capability inventory: file system writes and triggering a visualization dashboard. Sanitization: output is validated against a graph schema in Phase 5.
- [SAFE]: All operations are local and respect project configurations including .gitignore, with no network activity or sensitive file access detected.
Audit Metadata