jwt-decoder
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW
Full Analysis
- Prompt Injection (SAFE): No instructions attempting to bypass safety filters or override agent behavior were found.
- Data Exposure & Exfiltration (SAFE): The script processes tokens and secrets locally. No hardcoded credentials or network exfiltration patterns were detected.
- Indirect Prompt Injection (LOW): The skill decodes untrusted token data.
  - Ingestion points: JWT token input via CLI in scripts/jwt_decoder.py.
  - Boundary markers: Absent; the tool outputs raw JSON content from the token.
  - Capability inventory: Local JSON parsing and stdout printing; no file-write or network operations.
  - Sanitization: Uses standard base64 and json libraries; no execution of token content occurs.
- External Dependencies (LOW): References the pyjwt library. This is a standard dependency for JWT operations and is not automatically installed or executed via untrusted channels.