cartographer
Pass
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: SAFE (COMMAND_EXECUTION, EXTERNAL_DOWNLOADS)
Full Analysis
- [COMMAND_EXECUTION]: The skill executes a bundled Python script (scripts/scan-codebase.py) to perform local file system traversal and token counting. This is a standard operational step for the skill's stated purpose.
- [EXTERNAL_DOWNLOADS]: The skill identifies tiktoken as a dependency. This is a standard and trusted library used for token estimation. The instructions provide standard installation commands for this package.
- [PROMPT_INJECTION]: The skill has a surface for indirect prompt injection as it processes the content of arbitrary codebase files.
  - Ingestion points: Local files are read by the scanner script and the subagents during analysis in SKILL.md and scripts/scan-codebase.py.
  - Boundary markers: The subagent instructions in SKILL.md (Step 4) do not define specific delimiters for separating project code from instructions.
  - Capability inventory: The skill can read local files, write documentation to the filesystem, and spawn subagents via the Task tool.
  - Sanitization: No sanitization of the files being documented is performed.
Audit Metadata