ai-security
Pass
Audited by Gen Agent Trust Hub on Apr 3, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The reference document references/ai-threat-landscape.md contains common attack strings such as "Ignore previous instructions" and "You are now a different assistant". These are included solely as descriptive examples of attack vectors for educational and scanning reference purposes, and do not constitute an attempt to hijack or override the agent's behavior.
- [COMMAND_EXECUTION]: The skill includes a Python script scripts/ai_threat_scanner.py designed to perform static analysis on source code. Analysis of the script confirms it uses regular expressions to identify security anti-patterns and does not execute the target code or perform any unauthorized shell commands.
- [DATA_EXFILTRATION]: No network exfiltration or sensitive data access patterns were detected. The script operates entirely on local file system paths provided via command-line arguments.
- [REMOTE_CODE_EXECUTION]: There are no patterns involving the download or execution of remote scripts. The Python script relies only on standard libraries (os, re, json, argparse).
- [SAFE]: The skill implementation follows the stated purpose of providing security auditing tools for AI/ML pipelines without introducing malicious side effects or obfuscation.
Audit Metadata