extract-glossary

Pass

Audited by Gen Agent Trust Hub on May 7, 2026

Risk Level: SAFE, PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses shell commands like ripgrep (rg) to search through codebase content and git commands to identify repository metadata and remotes. These commands are fundamental to the skill's purpose of analyzing and documenting a repository.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface (Category 8). It ingests untrusted data from external sources, specifically files within target repositories such as READMEs and source code, to generate summaries and glossaries. Maliciously crafted content within these processed files could attempt to influence the agent's output. Evidence:
      1. Ingestion points: Target repository files (README.md, docs/, source code).
      2. Boundary markers: Absent.
      3. Capability inventory: File reading, regex searching, and repository metadata access.
      4. Sanitization: Absent.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: May 7, 2026, 02:13 PM