autostar-web
Pass
Audited by Gen Agent Trust Hub on Apr 1, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns, obfuscation, or unauthorized data exfiltration attempts were detected. The skill instructions focus on defining a rigid, human-in-the-loop optimization framework.
- [COMMAND_EXECUTION]: The skill explicitly restricts its own capabilities within the web runtime environment, setting `subprocess: false` and defining a policy that forbids the use of external mathematical solvers or system-level tools without explicit user approval.
- [INDIRECT_PROMPT_INJECTION]: As an optimization loop, the skill processes user-provided artifacts which represent a surface for indirect prompt injection. The skill mitigates this through the use of immutable evaluation rubrics for the 'LLM judge' component and requiring human approval for mission goals, decomposition, and final results.
- [DATA_EXFILTRATION]: The skill uses local or connector-backed memory for state management. No unauthorized network operations or exfiltration of sensitive files (e.g., SSH keys, credentials) were identified. Hardcoded credentials are not present.
Audit Metadata