professional-communication
Pass
Audited by Gen Agent Trust Hub on Feb 15, 2026
Risk Level: LOW
Full Analysis
- [Prompt Injection] (SAFE): No patterns of instruction override, safety bypass, or role-play injection were detected. The content consists entirely of legitimate professional communication guidelines.
- [Data Exposure & Exfiltration] (SAFE): The skill does not perform any network operations or access sensitive file paths. No hardcoded credentials or secrets were found in the templates or documentation.
- [Obfuscation] (SAFE): All files consist of plain-text Markdown. No Base64 encoding, zero-width characters, or homoglyphs were identified.
- [Unverifiable Dependencies & Remote Code Execution] (SAFE): The skill does not define any external dependencies (Python or Node.js) and does not contain any commands to download or execute remote scripts.
- [Indirect Prompt Injection] (LOW): While the skill's purpose is to help an agent process or draft communications (which are untrusted external data), the skill provides static templates and frameworks rather than automated execution logic. The tools used (Read, Glob, Grep) are limited to the local environment to access the reference files.
- [Privilege Escalation & Persistence] (SAFE): No commands related to administrative privileges (sudo) or persistence (cron, shell profiles) are present.
Audit Metadata