deep-explore

Pass

Audited by Gen Agent Trust Hub on Mar 27, 2026

Risk Level: SAFE | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes the Bash tool for Phase 0 intent analysis to index the project and estimate scope via Grep and Glob. It also employs the Agent tool to dispatch specialized 'Explore' sub-agents in parallel waves. This usage is consistent with the skill's primary purpose of code research.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8) because it reads content from the user's codebase and includes synthesized facts or findings in subsequent prompts for specialized agents.
    • Ingestion points: Files are read via the Read and Grep tools during parallel exploration waves defined in SKILL.md.
    • Boundary markers: The references/agent-prompt.md file includes an explicit warning instructing agents to treat previous facts as hypotheses and to verify them independently by reading the actual code.
    • Capability inventory: The orchestrator and its sub-agents have access to Bash, Agent, Read, Grep, and Glob tools.
    • Sanitization: There is no explicit sanitization or escaping of the codebase content before it is processed by the synthesis algorithm or passed to sub-agents.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 27, 2026, 01:12 AM