knowledge-graph
Pass
Audited by Gen Agent Trust Hub on Jun 22, 2026
Risk Level: SAFE
PROMPT_INJECTION, EXTERNAL_DOWNLOADS, NO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill facilitates codebase indexing and analysis, which creates a surface for indirect prompt injection where malicious instructions embedded in source code (e.g., in comments or literals) could influence agent behavior.
  - Ingestion points: Repository content at the path provided to 'mcp__codebase-memory__index_repository' is processed and indexed into the graph.
  - Boundary markers: No specific boundary markers or instructions to ignore embedded prompts are defined in the skill for the analyzed content.
  - Capability inventory: Tools such as 'search_code', 'get_architecture', and 'trace_call_path' retrieve context that informs the agent's logic and responses.
  - Sanitization: There is no documented sanitization or filtering of the source code content before it is indexed or queried.
- [EXTERNAL_DOWNLOADS]: The skill documentation recommends installing the 'codebase-memory-mcp' package via the npm registry, which is a well-known service.
- [NO_CODE]: The skill contains only documentation and tool usage instructions without any bundled executable scripts or code files.
Audit Metadata