churchtools-api
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [Documentation Only] (SAFE): The skill contains only markdown documentation (SKILL.md) with code snippets intended to guide an AI agent. No standalone scripts (.py, .js, .sh) or configuration files that execute logic are present.
- [Credentials Check] (SAFE): No hardcoded API keys, secrets, or authentication tokens were found. The examples use generic placeholders or method calls.
- [Network & Data Safety] (SAFE): The skill provides patterns for interacting with a hypothetical 'churchtoolsClient'. It does not contain logic for unauthorized data exfiltration or connections to untrusted external domains.
- [Prompt Injection] (SAFE): There are no instructions that attempt to override system prompts, bypass safety filters, or use role-play to evade constraints.
- [Indirect Prompt Injection] (SAFE): While the skill defines how to handle API responses (a common surface for indirect injection), the provided patterns are standard error handling and data parsing routines without exploitable logic.
Audit Metadata