narrative-snippets
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [SAFE]: No malicious patterns or security vulnerabilities were identified. The skill is purely instructional and focused on text transformation tasks.\n- [NO_CODE]: The skill consists exclusively of Markdown documentation and templates. There are no Python scripts, Node.js packages, or shell commands, eliminating the risk of command execution or malware persistence.\n- [DATA_EXFILTRATION]: No network activity, HTTP requests, or patterns suggesting the exfiltration of data were found. The skill does not reference any external URLs or non-whitelisted domains.\n- [PROMPT_INJECTION]: While the skill provides instructions for the agent to follow, it does not contain bypass markers, jailbreak attempts, or commands to disregard safety protocols.\n- [SAFE]: (Indirect Prompt Injection Surface Analysis)\n
- Ingestion points: The skill processes untrusted 'source material' via a template in
Example.mdat the[INSERT SOURCE MATERIAL HERE]placeholder.\n - Boundary markers: The template uses horizontal rules (
---) as delimiters between instructional text and the external content.\n - Capability inventory: None. The skill does not have access to subprocesses, filesystem writing, or network operations.\n
- Sanitization: There is no specific validation or sanitization of input data, but the lack of dangerous tools makes the injection surface low-risk.
Audit Metadata