autonomous-cost-optimizer
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW
Full Analysis
- [Prompt Injection] (SAFE): No instructions were found that attempt to override agent behavior, bypass safety filters, or reveal system prompts.
- [Data Exposure & Exfiltration] (SAFE): No hardcoded credentials, sensitive file paths, or unauthorized network operations were detected. The skill monitors token metadata which is standard for cost management.
- [Unverifiable Dependencies & RCE] (SAFE): The skill does not define external package dependencies or perform remote script downloads/executions.
- [Indirect Prompt Injection] (LOW): The skill ingests token usage data from agent interactions to enforce budgets. While this data is derived from external sources, the skill's capabilities are limited to internal state changes (efficiency mode) and reporting, presenting minimal risk of exploitation.
- [Persistence & Privilege Escalation] (SAFE): No attempts to modify system configurations, shell profiles, or acquire elevated permissions were found.
Audit Metadata