cangjie-dev
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW
Full Analysis
- Prompt Injection (SAFE): The skill instructions establish a helpful persona as a Cangjie language expert and do not contain any instructions intended to bypass safety filters or override system constraints.\n- Data Exposure & Exfiltration (SAFE): No hardcoded credentials or sensitive file path access was detected. Standard database connection examples utilize benign local placeholders.\n- Obfuscation (SAFE): Analysis across the documentation set found no multi-layer obfuscation, hidden unicode characters, or homoglyphs used to mask malicious intent.\n- Unverifiable Dependencies & RCE (SAFE): The skill contains no executable scripts. Documentation for toolchain installation refers to official Huawei and standard OpenSSL sources, with no automated remote execution patterns like piped curl-to-bash commands.\n- Indirect Prompt Injection (INFO): The skill identifies a data ingestion surface, as it is designed to process user-provided Cangjie source code (.cj) and configuration files (cjpm.toml). However, the agent's capabilities are limited to reasoning and generating code snippets, with no high-privilege tool access.\n
- Ingestion points: .cj and cjpm.toml files.\n
- Boundary markers: Absent in instructions.\n
- Capability inventory: None (The skill lacks automated execution or data transmission scripts).\n
- Sanitization: Absent.\n- Dynamic Execution (SAFE): While the skill documents Cangjie's reflection and macro features, the documentation content itself does not execute dynamic code or employ unsafe deserialization.
Audit Metadata