skills/flora131/atomic/explain-code/Gen Agent Trust Hub

explain-code

Pass

Audited by Gen Agent Trust Hub on May 5, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to use playwright-cli (via npx) and curl to browse the web and fetch external documentation.
  • [EXTERNAL_DOWNLOADS]: At runtime, the skill may download the playwright-cli package using npx if it is not already present in the environment.
  • [PROMPT_INJECTION]: User-provided input is directly interpolated into the core execution instructions via the $ARGUMENTS placeholder.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8) as it processes untrusted external data from the web.
      • Ingestion points: External documentation sites, GitHub repositories, and /llms.txt endpoints via playwright-cli and curl (SKILL.md).
      • Boundary markers: The skill lacks explicit delimiters or instructions to the agent to disregard commands embedded within the fetched external documentation.
      • Capability inventory: The skill has the ability to write to the local filesystem (research/web/) and execute shell commands (npx, curl).
      • Sanitization: There are no instructions provided to sanitize or validate the content retrieved from external URLs before processing.
Audit Metadata
Risk Level: SAFE
Analyzed: May 5, 2026, 04:38 PM