codeprobe-testing
Pass
Audited by Gen Agent Trust Hub on Apr 10, 2026
Risk Level: SAFE
PROMPT_INJECTION, DATA_EXFILTRATION, COMMAND_EXECUTION
Full Analysis
- [DATA_EXFILTRATION]: The skill instructions direct the agent to read configuration and reference files from a sibling directory path ('../codeprobe/'). This access pattern is used to retrieve shared project metadata from outside the skill's immediate directory.
- [COMMAND_EXECUTION]: The skill has access to the 'Bash' tool to perform file searches and analysis, which allows for shell command execution on the host system.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because its core functionality involves processing untrusted source code and test files.
  1. Ingestion points: Analyzes external project data using 'Read', 'Grep', and 'Glob' tools.
  2. Boundary markers: The instructions do not define delimiters or warnings to ignore embedded instructions within the ingested code.
  3. Capability inventory: The presence of the 'Bash' tool provides a potential execution vector if an attacker successfully injects instructions into the analyzed files.
  4. Sanitization: No explicit sanitization or filtering of input data is specified before processing.