analyze-codebase
Pass
Audited by Gen Agent Trust Hub on Apr 29, 2026
Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses local shell utilities including 'tree', 'find', and 'wc' to map project structure and gather file metrics for documentation purposes.
- [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection when processing untrusted codebases.
  1. Ingestion points: File paths and directory structure analyzed via 'tree' and 'find' commands.
  2. Boundary markers: None present in instructions.
  3. Capability inventory: Executes subprocesses for analysis and writes documentation to the '.agents/SYSTEM/' directory.
  4. Sanitization: None present for the ingested data.