clang
Pass
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: SAFE
Full Analysis
- [Prompt Injection] (SAFE): The content consists of technical documentation and command examples for the Clang compiler. No instructions designed to override AI safety filters or hijack agent behavior were found.
- [Data Exfiltration] (SAFE): No hardcoded credentials, sensitive file access (like SSH keys), or suspicious network requests were detected. The usage of local files like 'src.c' and 'default.profraw' is standard for build processes.
- [Remote Code Execution] (SAFE): The skill guides the user through standard local tool usage (clang, clang-tidy, llvm-profdata, cmake). It does not download or execute scripts from remote or untrusted sources.
- [Privilege Escalation] (SAFE): No commands requiring elevated privileges (sudo) or attempts to modify system configurations were identified.
- [Indirect Prompt Injection] (SAFE): While the skill processes user-supplied source code files, this is the intended purpose of a compiler tool. The documentation does not introduce specialized surfaces that would allow for non-obvious injection beyond the standard scope of C/C++ development.
- [Persistence Mechanisms] (SAFE): No attempts to modify shell profiles, scheduled tasks, or startup configurations were found.
Audit Metadata