explore-api
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill defines a workflow for researching external APIs using third-party sources to inform the generation of proof-of-concept code, representing an indirect prompt injection surface.
- Ingestion points: External documentation URLs and community resources referenced in Phase 1 and Phase 3 of the research workflow (SKILL.md).
- Boundary markers: No specific delimiters or instructions to ignore embedded commands are included in the documentation templates.
- Capability inventory: The workflow includes the creation and execution of Python-based proof-of-concept (POC) scripts in Phase 4.
- Sanitization: No sanitization or validation logic is specified for the content retrieved from external API sources.
- [NO_CODE]: The skill is entirely composed of Markdown-based instructions and templates; it does not ship with executable scripts, binaries, or configuration files.
Audit Metadata