threat-modeling
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [NO_CODE] (SAFE): The skill consists exclusively of Markdown documentation and JSON metadata. It does not include any executable scripts, binaries, or automated tool definitions.
- [SAFE] (SAFE): No malicious patterns related to prompt injection, data exfiltration, or obfuscation were identified. All content is educational and focuses on software security best practices.
- [SAFE] (SAFE): The skill does not perform any network operations, access sensitive local files, or request elevated privileges.
- [SAFE] (SAFE): Indirect Prompt Injection (Category 8) assessment: Ingestion points include user-provided system descriptions in reference files; boundary markers are absent in templates; capability inventory is empty as no tools or scripts are provided; sanitization is absent. Due to the lack of executable capabilities or tool access, this surface poses no security risk.
Audit Metadata