understand-explain
Pass
Audited by Gen Agent Trust Hub on May 25, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes external codebase content and a knowledge graph which could contain indirect prompt injections.
- Ingestion points: .understand-anything/knowledge-graph.json and project source files.
- Boundary markers: No delimiters are specified to isolate data from instructions.
- Capability inventory: Uses Grep and file reading capabilities.
- Sanitization: No input sanitization or content validation is performed.
- [COMMAND_EXECUTION]: Instructions direct the agent to pass user input ($ARGUMENTS) to search tools (Grep), which could lead to command injection if characters are not properly escaped by the execution environment.
Audit Metadata