sdf-setup
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [SAFE]: The skill instructions are benign and align with its stated purpose of project documentation. No malicious patterns or behaviors were identified.
- [NO_CODE]: The skill consists entirely of natural language instructions and markdown templates, with no executable scripts or external dependencies.
- [PROMPT_INJECTION]: The skill has a surface for indirect prompt injection as it analyzes the codebase (Step 1). Evidence chain: 1. Ingestion point: codebase analysis in Step 1. 2. Boundary markers: absent. 3. Capability inventory: no execution, network, or file-write capabilities were found. 4. Sanitization: absent. The risk is negligible as the skill lacks the capabilities to weaponize untrusted input.
Audit Metadata