agent-md-refactor
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFENO_CODE
Full Analysis
- No Code (SAFE): The skill consists entirely of markdown instructions for the AI agent. No Python scripts, Node.js code, or shell commands are included.
- Indirect Prompt Injection (SAFE): The skill is designed to ingest and process user-provided instruction files like CLAUDE.md. While these are untrusted data sources, the skill lacks execution tools or network access, preventing any malicious payload from being executed or exfiltrating data. 1. Ingestion points: CLAUDE.md, AGENTS.md. 2. Boundary markers: Absent. 3. Capability inventory: No subprocess calls, network ops, or file system modifications via code detected. 4. Sanitization: None.
Audit Metadata