map-codebase
Pass
Audited by Gen Agent Trust Hub on Apr 29, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: Indirect Prompt Injection Surface\n
- Ingestion points: The skill performs a wide-scale scan and read of the codebase's source files in Step 1 to build a file manifest for analysis.\n
- Boundary markers: The skill does not employ delimiters or specific instructions to isolate the content of the read files from the agent's operational instructions.\n
- Capability inventory: The skill is capable of writing multiple files to the local file system (
.turbo/codebase-map.mdand.turbo/codebase-map.html) based on its findings.\n - Sanitization: There is no evidence of sanitization or filtering of the content read from source files before it is processed and summarized by the inspection agents.
Audit Metadata