skills/sethgammon/citadel/map/Gen Agent Trust Hub

map

Pass

Audited by Gen Agent Trust Hub on May 5, 2026

Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses node scripts/map-index.js to generate codebase indices, search files, and calculate statistics. While this is the core function of the tool, the script's source code was not provided for auditing.
  • [PROMPT_INJECTION]: The skill extracts information such as exports and symbols from source files and injects them into the prompts of other agents as 'context slices'. This creates an indirect prompt injection vector where malicious instructions placed in the codebase (e.g., in comments or symbol names) could influence the behavior of agents receiving these slices.
      • Ingestion points: The map-index.js script walks the project tree and reads source files in TypeScript, JavaScript, Python, Go, and Rust.
      • Boundary markers: The generated slices are delimited by === MAP SLICE === headers and footers.
      • Capability inventory: The skill executes shell commands via Node.js to perform its indexing tasks.
      • Sanitization: The skill instructions do not describe any sanitization or validation of the extracted symbol names or directory paths to prevent the inclusion of malicious instructions.
Audit Metadata
Risk Level: SAFE
Analyzed: May 5, 2026, 10:49 AM