codebase-audit
Pass
Audited by Gen Agent Trust Hub on May 16, 2026
Risk Level: SAFE
PROMPT_INJECTION, DATA_EXFILTRATION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it processes untrusted documentation and codebase files to build its analysis.
  - Ingestion points: Reads project-level documentation such as README.md, AGENTS.md, and source code files during the architectural investigation and audit phases.
  - Boundary markers: The instructions do not define delimiters or specific 'ignore' commands to isolate external content from the agent's core instructions.
  - Capability inventory: Uses code navigation and file reading tools to search and retrieve content from the repository.
  - Sanitization: No validation or sanitization is performed on the content of the ingested files.
- [DATA_EXFILTRATION]: The skill explicitly directs the agent to identify and report sensitive information, including API keys, account IDs, and environment-specific hostnames. While this is the intended purpose of the audit, it facilitates the exposure of credentials within the project context.
Audit Metadata