a11y-audit
Pass
Audited by Gen Agent Trust Hub on Apr 5, 2026
Risk Level: SAFE, PROMPT_INJECTION
Full Analysis
- [SAFE]: The skill's functionality is limited to static analysis of local source code. It uses built-in tools (Read, Grep, Glob) to facilitate the audit process without requiring elevated privileges or network access.
- [PROMPT_INJECTION]: The skill evaluates content from external files provided via $ARGUMENTS, which represents an indirect prompt injection surface.
  - Ingestion points: Code and documentation files at the path specified in $ARGUMENTS (SKILL.md).
  - Boundary markers: Absent; the skill does not explicitly instruct the agent to ignore instructions embedded within the code being audited.
  - Capability inventory: File system read access via Read, Grep, and Glob tools. No shell execution or network capabilities are permitted in the configuration.
  - Sanitization: None; the skill is designed to interpret the content of the files as source code for compliance checking.
Audit Metadata