developer-pip-designer
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW
Full Analysis
- No Malicious Patterns Detected (SAFE): The skill provides structured templates and instructional content for creating HR documentation. No code execution, network calls, or obfuscation were found in the analyzed file.
- Indirect Prompt Injection Surface (INFO): The skill is designed to process external performance data (evidence, feedback, incidents) to populate templates. While this is an injection surface, the skill's capabilities are limited to text generation/display, posing negligible risk to the agent's security.
- Referenced Local Scripts (INFO): The skill mentions a local script 'scripts/validate-pip-legal.py'. While the script code was not provided for analysis, its stated purpose (language validation) is consistent with the skill's objective.
Audit Metadata