nihaixia
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Prompt Injection] (SAFE): The skill utilizes role-play instructions and character enforcement techniques (e.g., 'CRITICAL: Complete Linguistic Style Profile'). These are standard for persona development and do not attempt to bypass safety filters or extract system prompts.
- [Data Exposure & Exfiltration] (SAFE): No sensitive file paths (e.g., .ssh, .aws) or hardcoded credentials were identified. The skill's network behavior is restricted to interacting with its own MCP tools.
- [Remote Code Execution] (SAFE): No instances of downloading external scripts or executing arbitrary system commands were found.
- [Indirect Prompt Injection] (SAFE): While the skill ingests data from external persona tools (retrieve_mental_models, etc.), it lacks dangerous capabilities like file writing or shell access that would make this surface exploitable. It is a standard RAG implementation.
- [Obfuscation] (SAFE): The content is clear and uses standard Markdown/YAML. No hidden characters, Base64, or homoglyphs were detected.
Audit Metadata