Skills
skills/sd0xdev/sd0x-dev-flow/deep-analyze/Gen Agent Trust Hub

deep-analyze

Pass

Audited by Gen Agent Trust Hub on Apr 20, 2026

Risk Level: SAFE
Full Analysis
  • [INDIRECT_PROMPT_INJECTION]: The skill creates a potential surface for indirect prompt injection as it ingests untrusted data from both user arguments and the local codebase to perform its analysis. This is a functional requirement of its primary purpose.
  • Ingestion points: Processes user input via $ARGUMENTS and codebase content via Read, Grep, and Glob tools.
  • Boundary markers: No explicit delimiters or instructions to ignore embedded commands are included in the subagent prompt in SKILL.md.
  • Capability inventory: The skill has filesystem write access via the Write tool and shell execution via restricted Bash commands (git and node).
  • Sanitization: No validation or filtering is applied to the ingested content before it is processed by the agent.
  • [DATA_EXPOSURE_AND_EXFILTRATION]: No patterns of accessing sensitive credentials (like .ssh or .env files) or exfiltrating data to external domains were identified.
  • [UNVERIFIABLE_DEPENDENCIES]: The skill does not perform external package installations or download scripts from remote servers.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 20, 2026, 07:24 PM