code-walkthrough

Pass

Audited by Gen Agent Trust Hub on Mar 29, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses showboat exec to run shell utilities such as sed, grep, cat, and head to extract code snippets and capture live output for documentation purposes.
  • [EXTERNAL_DOWNLOADS]: Recommends installing the showboat utility via standard package managers (pip, uv, go) from the official repository of a well-known developer (simonw/showboat).
  • [INDIRECT_PROMPT_INJECTION]: As the skill reads and processes local source code to generate narrative documentation, it is susceptible to instructions embedded within that code. Evidence: (1) Ingestion points: Reads local files via shell commands in SKILL.md. (2) Boundary markers: No delimiters or ignore instructions are specified. (3) Capability inventory: Executes shell commands and scripts via showboat exec. (4) Sanitization: No sanitization or validation of the extracted code content is performed.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 29, 2026, 03:29 AM