audit
Pass
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits a potential surface for indirect prompt injection because it is designed to ingest and analyze external code or technical documentation provided by the user.
  - Ingestion points: The skill processes code snippets, component implementation details, and design documentation from the user or the current development environment.
  - Boundary markers: The instructions lack specific boundary markers or 'ignore' directives to prevent the agent from executing instructions potentially embedded within the audited code.
  - Capability inventory: Analysis of the skill reveals no high-risk capabilities such as arbitrary command execution, network access, or filesystem write operations; it is restricted to generating text-based audit reports.
  - Sanitization: There are no documented procedures for sanitizing or escaping the user-provided code before it is processed by the agent.