fossflow-diagrams
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOWNO_CODE
Full Analysis
- [NO_CODE] (SAFE): The skill consists entirely of Markdown instructions and reference documentation. There are no scripts (.py, .js, .sh), no binary executables, and no configuration files that could trigger system actions.
- [DATA_EXFILTRATION] (SAFE): There are no commands or instructions that access local files (like SSH keys or credentials) or perform network requests. The external URLs mentioned are documentation references, not targets for data transmission.
- [EXTERNAL_DOWNLOADS] (SAFE): While the skill references a remote 'canonical source' URL for documentation, it does not contain any logic to download, install, or execute external packages or scripts.
- [PROMPT_INJECTION] (SAFE): The instructions focus strictly on formatting JSON output. There are no patterns of behavior overriding or safety bypass attempts. The 'Iron Rule' and 'STOP and Fix' sections are standard formatting constraints to ensure valid JSON output.
Audit Metadata