en-explainer
Pass
Audited by Gen Agent Trust Hub on Feb 24, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill processes external technical documentation and user-provided files to generate explanations, creating a surface for potential indirect prompt injection. However, the scope is limited to technical explanation without dangerous system capabilities. Ingestion points: Technical text input and file paths provided by the user as defined in SKILL.md. Boundary markers: None specified to isolate external data from instructions. Capability inventory: Limited to reading local file content for contextual understanding; no network, write access, or command execution capabilities detected. Sanitization: No explicit sanitization or filtering logic is defined for the input text.
- [NO_CODE]: The skill consists entirely of markdown instructions and reference materials. No Python, Node.js, or shell scripts are present in the package.
Audit Metadata