scoring-engine
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW
Full Analysis
- [PROMPT_INJECTION] (SAFE): No instructions found that attempt to bypass safety filters or override agent behavior.
- [DATA_EXFILTRATION] (SAFE): No sensitive file paths or network calls are present. The code performs local mathematical calculations.
- [REMOTE_CODE_EXECUTION] (SAFE): No dynamic execution (eval, exec) or remote script downloads were detected.
- [COMMAND_EXECUTION] (SAFE): The skill does not spawn subprocesses or execute shell commands.
- [EXTERNAL_DOWNLOADS] (SAFE): No external package installations or remote resource fetching logic is included.
- [CREDENTIALS_UNSAFE] (SAFE): No hardcoded API keys, tokens, or passwords were found.
- [INDIRECT_PROMPT_INJECTION] (INFO): The skill ingests untrusted data (video statistics). However, because the skill lacks side-effect capabilities (no file writes, network ops, or code execution), the risk of indirect injection is negligible.
Audit Metadata