compliance-checker
Pass
Audited by Gen Agent Trust Hub on Mar 20, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns or security vulnerabilities were identified. The skill functions as a text analyzer and report generator and does not contain any executable scripts or binary files.
- [PROMPT_INJECTION]: The skill processes untrusted content provided by the user or from previous conversation steps to perform compliance checks. While this presents a surface for indirect prompt injection, the risk is assessed as safe because the skill lacks high-privilege capabilities. 1. Ingestion points: 'content' and 'claims' input fields in SKILL.md. 2. Boundary markers: Absent for the input content. 3. Capability inventory: No scripts or capabilities for network access, file system modification, or subprocess execution were detected in any skill files. 4. Sanitization: Not explicitly defined in the workflow.
Audit Metadata