explain-codebase

Pass

Audited by Gen Agent Trust Hub on Mar 9, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill uses standard read-only shell commands such as find, cat, and grep to perform codebase discovery. These operations are restricted to gathering project metadata from manifest files (package.json, pyproject.toml, etc.) and directory structures without executing untrusted code or exfiltrating sensitive data.
  • [SAFE]: The skill reads external files (README, manifests) to generate summaries. While this represents a surface area for indirect prompt injection, it is the primary intended function for a codebase explanation tool and no specific malicious instructions or obfuscation were identified.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 9, 2026, 10:15 PM