code-documentation-code-explain
Pass
Audited by Gen Agent Trust Hub on Feb 14, 2026
Risk Level: LOW
Full Analysis
- [Category 8: Indirect Prompt Injection] (LOW): The skill's primary function is to ingest and process external code and documentation provided by users. This creates an attack surface where malicious instructions could be embedded in the code being analyzed. However, the skill itself does not possess high-privilege capabilities like network access or file writing, limiting the risk to the local reasoning context. Mitigation: Use boundary markers (e.g., XML tags or distinct delimiters) when passing untrusted code to this skill.\n- [Overall Assessment] (SAFE): Analysis of the skill instructions, metadata, and referenced resources found no indicators of prompt injection, obfuscation, persistence, or data exfiltration. The skill adheres to its stated purpose of code education.
Audit Metadata