codebase-mapper
Pass
Audited by Gen Agent Trust Hub on Apr 13, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill identifies technology stacks and codebase structures using standard file system tools like Read, Grep, and Glob. No malicious patterns such as credential harvesting, remote code execution, or unauthorized network activity were detected.
- [PROMPT_INJECTION]: The skill has a surface for indirect prompt injection as it processes the prd-analysis.md file to extract keywords for codebase searching. This represents a standard vulnerability surface where untrusted data influences agent actions.
- Ingestion points: The $ARGUMENTS/prd-analysis.md file is read at the start of the mapping process.
- Boundary markers: No specific delimiters or safety instructions are used to separate user-provided data from agent instructions.
- Capability inventory: The skill uses Read, Write, Glob, Grep, Bash, and AskUserQuestion tools across the workspace.
- Sanitization: No explicit validation or sanitization is performed on the extracted keywords before using them in search operations.
Audit Metadata