get-code-context-exa
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill retrieves and processes untrusted data from the open web, which is a known vector for indirect prompt injection. \n
- Ingestion points: Data returned by the
get_code_context_exatool (SKILL.md). \n - Boundary markers: No specific delimiters or boundary markers are defined for the tool output in the prompt logic. \n
- Capability inventory: The skill profile is restricted to searching and presenting snippets; no shell access or file-write capabilities are present in the provided configuration (SKILL.md). \n
- Sanitization: The instructions mitigate risk by mandating the agent 'extract the minimum viable snippet(s)' rather than passing raw context through, providing a manual layer of filtering.
Audit Metadata