explaining-code
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW
Full Analysis
- Prompt Injection (SAFE): The instructions are standard behavioral guidelines for the agent and do not contain any patterns typical of prompt injection or system prompt extraction.
- Indirect Prompt Injection (LOW): While the skill processes user-provided code (untrusted data), it lacks any tools or capabilities (e.g., file writing, network requests, or shell execution) to act upon malicious instructions embedded in that code. The output is limited to analogies and diagrams.
- Data Exposure & Exfiltration (SAFE): No hardcoded credentials or sensitive file paths were detected. The skill does not perform any network operations.
- Malicious Code (SAFE): There are no scripts, binaries, or command executions included in this skill.
Audit Metadata