matlab-analyze-dependencies

Pass

Audited by Gen Agent Trust Hub on Jun 16, 2026

Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the evaluate_matlab_code tool to run MATLAB-based dependency analysis. It executes internal library functions such as matlab.codetools.requiredFilesAndProducts and matlab.addons.toolbox.ToolboxOptions to map the relationship between files in the workspace. This behavior is consistent with the skill's stated purpose as a developer utility.
  • [PROMPT_INJECTION]: The skill contains an indirect prompt injection surface as it is designed to ingest and analyze untrusted content from user-provided MATLAB source files (.m and .mlx).
      • Ingestion points: The skill reads file contents from the local workspace to identify function calls and file path references using regex and the which() command.
      • Boundary markers: The skill does not implement specific delimiters or 'ignore' instructions when processing the contents of analyzed files.
      • Capability inventory: The agent has access to evaluate_matlab_code and check_matlab_code, which are used to verify the existence of files and run the analysis logic.
      • Sanitization: The instructions include filtering for MATLAB keywords and local function names to ensure classification accuracy, though no security-specific sanitization is applied to the extracted strings.
Audit Metadata
Risk Level: SAFE
Analyzed: Jun 16, 2026, 09:26 AM