token-budget-advisor
Pass
Audited by Gen Agent Trust Hub on Mar 30, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill instructs the agent to intercept the response flow to offer depth options. This is a design-level interaction pattern intended to give users control over response length and does not involve bypassing safety filters, ignoring core instructions, or escalating privileges.
- [EXTERNAL_DOWNLOADS]: The documentation references an external GitHub repository for attribution and further reading. The skill explicitly states it is zero-dependency and does not include any commands to download, install, or execute remote content.
- [DATA_EXFILTRATION]: No network-capable tools or commands (such as curl or wget) are present. The skill operates entirely within the local context of the conversation.
- [COMMAND_EXECUTION]: The skill contains no shell commands, script execution patterns, or subprocess calls. It is composed entirely of natural language instructions and heuristic formulas.
- [INDIRECT_PROMPT_INJECTION]: The skill processes user prompts to perform word and character counts for token estimation.
- Ingestion points: User input prompts (SKILL.md).
- Boundary markers: None provided.
- Capability inventory: None; the skill lacks file-system access, network access, or code execution capabilities.
- Sanitization: Not present, as the skill only performs mathematical estimations based on input length.
Audit Metadata