visualize-code
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it reads and processes untrusted source code files without sanitization or boundary markers.
- Ingestion points: Content is ingested from user-provided file paths using the Read and Glob tools.
- Boundary markers: The prompt does not specify delimiters or instructions to ignore commands embedded within the analyzed code.
- Capability inventory: The skill metadata allows the use of high-risk tools like Bash and Write, which could be exploited if an injection is successful.
- Sanitization: There is no evidence of validation or content filtering for the files being analyzed.
Audit Metadata