smart-explore

Pass

Audited by Gen Agent Trust Hub on Feb 26, 2026

Risk Level: SAFE (PROMPT_INJECTION, NO_CODE)
Full Analysis
  • [PROMPT_INJECTION]: The skill uses directive language to influence agent behavior, such as 'This skill overrides your default exploration behavior' and 'Do NOT run Grep, Glob, Read, or find'. These instructions are intended to optimize the agent's workflow for structural code exploration rather than bypassing safety filters or core identity constraints.
  • [NO_CODE]: The skill consists exclusively of a markdown documentation file. It does not package any scripts, binaries, or configuration files that could execute commands or access the file system directly.
  • [INDIRECT_PROMPT_INJECTION]: The skill establishes a workflow for processing untrusted data (external source code).
      • Ingestion points: Data enters the agent via smart_search, smart_outline, and smart_unfold tool calls targeting the ./src directory.
      • Boundary markers: The instructions do not specify the use of delimiters or 'ignore instructions' markers when processing the code contents returned by the tools.
      • Capability inventory: The skill leverages structural parsing tools but acknowledges the continued availability of standard tools like Grep, Glob, and Read.
      • Sanitization: No explicit sanitization or filtering of the retrieved code content is mentioned in the instructions.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 26, 2026, 05:46 AM