arrow-resource
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Prompt Injection] (SAFE): No instructions attempting to override agent behavior or bypass safety guidelines were detected.
- [Data Exposure & Exfiltration] (SAFE): No hardcoded credentials, sensitive file path access, or unauthorized network operations were found. The code snippets use standard Java/Kotlin IO for temporary files and streams.
- [Obfuscation] (SAFE): No hidden or encoded content such as Base64, zero-width characters, or homoglyphs was detected.
- [Unverifiable Dependencies & Remote Code Execution] (SAFE): The skill does not perform remote script execution or download untrusted packages. It provides reference material for the legitimate Arrow library.
- [Privilege Escalation] (SAFE): No commands for acquiring elevated permissions or modifying system configurations were found.
- [Persistence Mechanisms] (SAFE): No attempts to maintain access across sessions through shell profiles or scheduled tasks were detected.
- [Metadata Poisoning] (SAFE): Skill metadata accurately describes the technical content and does not contain deceptive instructions.
- [Indirect Prompt Injection] (SAFE): The skill serves as a static reference and does not ingest or process untrusted external data.
- [Time-Delayed / Conditional Attacks] (SAFE): No logic gating behavior based on time, date, or environment variables was detected.
- [Dynamic Execution] (SAFE): No runtime code generation, unsafe deserialization, or dynamic loading patterns were found.
Audit Metadata