nutritional-specialist
Pass
Audited by Gen Agent Trust Hub on Feb 18, 2026
Risk Level: SAFE
Full Analysis
- DATA_EXPOSURE (SAFE): The
preferences_manager.pyscript manages data in~/.claude/nutritional_preferences.json. This is standard local storage for application-specific data (nutritional goals, allergies) and does not involve unauthorized access to system secrets or personal credentials. - REMOTE_CODE_EXECUTION (SAFE): No external downloads or dynamic execution patterns (like eval or piped curl-to-bash) were detected.
- PROMPT_INJECTION (LOW): The skill has a surface for indirect prompt injection because it processes user-supplied text (notes, preferences). However, no malicious instructions are present in the code.
- Ingestion points:
preferences_manager.pyloads data fromnutritional_preferences.json. - Boundary markers: Absent in the management script.
- Capability inventory: Local file read/write; no network or subprocess capabilities.
- Sanitization: The script performs standard JSON parsing but does not sanitize the content of strings, relying on the calling agent for safety.
Audit Metadata