explanatory-playground
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW, EXTERNAL_DOWNLOADS, DATA_EXFILTRATION
Full Analysis
- [Data Exposure & Exfiltration] (LOW): The skill is designed to surface internal system states and data flows through instrumentation.
  - Evidence: Steps 2 and 6 focus on revealing hidden states, transitions, and logic via emitters and proxies.
  - Mitigation: Step 7 includes a specific check (`process.env.NODE_ENV !== 'development'`) to prevent the visualization routes from being accessible in production environments.
- [Dynamic Execution] (LOW): The skill instructs the agent to generate new application routes and instrumentation scripts.
  - Evidence: Steps 7 and 8 describe creating `app/__dev/` routes and `src/lib/` files.
  - Context: The generation is template-based and for developer tooling; the skill includes explicit 'EXPLANATORY-PLAYGROUND' markers and cleanup steps to facilitate the removal of generated code.
- [Indirect Prompt Injection] (INFO): The skill creates an attack surface by ingesting application data for visualization.
  - Ingestion points: System state captured via `EventEmitter` and `Proxy` objects in Step 6.
  - Boundary markers: None specified for the data being visualized.
  - Capability inventory: Visualization (display-only) within a React component.
  - Sanitization: None specified; however, the impact is limited to display-only within a development route.
- [Unverifiable Dependencies & Remote Code Execution] (INFO): Recommends the installation of external UI libraries.
  - Evidence: Step 3 suggests using `react-flow` and `recharts` for building the visualization interfaces.