matrixscan-batch-flutter
Pass
Audited by Gen Agent Trust Hub on May 18, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface as it is designed to ingest and process untrusted data in the form of existing project source code.\n
- Ingestion points: The skill reads Flutter/Dart files (e.g.,
evals/fixtures/EmptyScreen.dart) to understand the project context and integration points.\n - Boundary markers: The instructions do not specify the use of boundary markers or delimiters when interpolating file content into prompts.\n
- Capability inventory: The skill has the capability to write modifications directly back to the user's source code files.\n
- Sanitization: There is no evidence of sanitization or filtering applied to the ingested code content before it is processed by the AI model.\n- [SAFE]: The skill correctly references official documentation and license management portals from the vendor's own domains (scandit.com), which is consistent with its stated purpose.
Audit Metadata