code-breaking-changes
Pass
Audited by Gen Agent Trust Hub on May 10, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: Indirect prompt injection surface detected. The skill is designed to analyze untrusted external data sources, which could contain malicious instructions.
- Ingestion points: Integration surfaces including app-server APIs, CLI parameters, and configuration loading as specified in SKILL.md.
- Boundary markers: None provided; the skill lacks instructions for the agent to ignore or delimit untrusted content.
- Capability inventory: No specific tool or script capabilities are defined in this skill file, but the agent's environment likely provides the necessary tools for file and network access to perform the checks.
- Sanitization: There are no instructions for sanitizing or validating the data retrieved from external surfaces before processing.
Audit Metadata