codebase-explorer
Pass
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [Prompt Injection] (SAFE): The skill contains standard operational instructions and does not attempt to bypass safety filters, jailbreak the agent, or extract system prompts.
- [Indirect Prompt Injection] (LOW): The skill is designed to ingest and process untrusted data from a codebase, creating a surface for indirect prompt injection.
- Ingestion points: Technical files and directories accessed via Grep and Glob searches.
- Boundary markers: Absent. The instructions do not specify delimiters or warn the agent to ignore instructions found within analyzed files.
- Capability inventory: Reading files, identifying patterns, and reporting findings back to the user.
- Sanitization: None specified.
- [No Code] (SAFE): No scripts, executables, or binaries are included with this skill; it consists entirely of a markdown instruction file.
- [Data Exposure & Exfiltration] (SAFE): While the skill reads local files, it lacks network capabilities to exfiltrate data and does not target sensitive system locations like SSH keys or environment secrets.
Audit Metadata