skills/rsmdt/the-startup/analyze/Gen Agent Trust Hub

analyze

Pass

Audited by Gen Agent Trust Hub on Apr 19, 2026

Risk Level: SAFE, PROMPT_INJECTION
Full Analysis
  • [SAFE]: The skill demonstrates safe operational practices by delegating analysis to sub-agents and maintaining full transparency of findings by displaying raw responses to the user. It does not possess any hardcoded credentials or perform unauthorized network operations. Persistent actions such as writing to the documentation directory are gated by mandatory user approval.
  • [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface because its primary function involves processing untrusted code files.
      1. Ingestion points: Repository source files read during discovery cycles based on user-provided arguments.
      2. Boundary markers: The prompt lacks explicit delimiting instructions or warnings to ignore embedded prompts within the analyzed files.
      3. Capability inventory: The skill uses the 'Task' tool for agent orchestration and has permission to write files to 'docs/' directories.
      4. Sanitization: No explicit sanitization of ingested content is performed before processing.
    This risk is inherent to code analysis tools and is mitigated by the skill's mandatory human review checkpoints before each step.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 19, 2026, 06:50 AM