oracle-grillme
Pass
Audited by Gen Agent Trust Hub on Jun 18, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes project files and documentation to drive its Socratic interrogation loop, creating an indirect prompt injection surface where malicious content in the codebase could influence agent behavior.\n
- Ingestion points: Local source code files,
CONTEXT.md, and ADR files indocs/adr/.\n - Boundary markers: No specific boundary markers or instructions to ignore embedded directives are provided when the agent reads file content.\n
- Capability inventory: The skill uses file system read capabilities for codebase exploration and file system write capabilities for updating documentation and ADRs.\n
- Sanitization: No sanitization or escaping of ingested file content is specified prior to interpolation into the agent's context.
Audit Metadata