codeprobe-error-handling
Pass
Audited by Gen Agent Trust Hub on Apr 10, 2026
Risk Level: SAFE, PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
- [SAFE]: The skill is a diagnostic tool for performing static code analysis to improve software resilience. The instructions are purely instructional and directed toward identifying structural defects.
- [PROMPT_INJECTION]: The skill demonstrates a surface for indirect prompt injection as it processes untrusted project code.
  1. Ingestion points: Source code is read via the Read, Grep, and Glob tools.
  2. Boundary markers: No specific delimiters are defined in the instructions to isolate analyzed code.
  3. Capability inventory: The skill utilizes the Bash tool for search operations.
  4. Sanitization: No sanitization of analyzed code is implemented.

  This exposure is typical for static analysis tools and does not indicate malicious intent.
- [COMMAND_EXECUTION]: The skill configuration allows for the use of the Bash tool. The instructions use it only for legitimate searching and scanning of the project codebase.
Audit Metadata