the-oracle
Pass
Audited by Gen Agent Trust Hub on Feb 23, 2026
Risk Level: SAFE
Full Analysis
- [Prompt Injection] (SAFE): The skill contains no instructions to bypass safety guidelines. It features an anti-priming protocol and a skepticism protocol to prevent the agent from adopting potentially malicious or biased framing from the user.
- [Data Exposure & Exfiltration] (SAFE): Research functions utilize git logs and documentation. No hardcoded credentials or unauthorized data exfiltration patterns were detected.
- [Unverifiable Dependencies & Remote Code Execution] (SAFE): No external script downloads or package installations are present.
- [Indirect Prompt Injection] (SAFE): The skill identifies the surface area for indirect injection (via external context like git or web search) and provides specific procedural mitigations (Skepticism Protocol) to handle untrusted data safely. Evidence Chain:
  1. Ingestion points: git history, web search results, research tickets.
  2. Boundary markers: uses structured headers like CORE QUESTION and MANDATORY RESEARCH SOURCES.
  3. Capability inventory: git log, tk, todos_oneshot, WebSearch.
  4. Sanitization: implements a logical 'Skepticism Protocol' for independent verification.
Audit Metadata