explain-code

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE, PROMPT_INJECTION
Full Analysis
  • [Indirect Prompt Injection] (LOW): The skill is designed to ingest and process external data (code files and project documentation) which represents a surface for indirect prompt injection.
    • Ingestion points: Files read using the Read, Grep, and Glob tools, as well as the mandatory check of CLAUDE.md.
    • Boundary markers: Absent. The skill instructions do not provide delimiters or specific warnings to the AI to ignore instructions embedded within the code being analyzed.
    • Capability inventory: The skill has filesystem read access via Read, Grep, and Glob tools.
    • Sanitization: Absent. There is no mention of escaping, validating, or filtering the content read from files before it is processed by the AI.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Feb 17, 2026, 06:00 PM