sugarcrm-core
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Prompt Injection] (SAFE): No patterns of prompt injection, role-play overrides, or instructions to bypass safety filters were detected. The content is strictly informational and procedural.
- [Data Exposure & Exfiltration] (SAFE): No hardcoded credentials or sensitive file paths were found. The skill explicitly advises developers to avoid hardcoding secrets and to use secure configuration management.
- [Obfuscation] (SAFE): No obfuscated text, encoded strings, or hidden characters were detected in any of the files.
- [Unverifiable Dependencies & Remote Code Execution] (SAFE): No package managers (npm, pip) or remote script execution patterns (curl|bash) are present. The skill provides reference links to official SugarCRM documentation.
- [Privilege Escalation] (SAFE): No commands related to privilege escalation (sudo, chmod) were identified.
- [Persistence Mechanisms] (SAFE): No attempts to establish persistence on a host system were found.
- [No Code] (SAFE): The skill contains only Markdown documentation and does not include any executable scripts or binaries.
Audit Metadata