reality-check
Pass
Audited by Gen Agent Trust Hub on Feb 19, 2026
Risk Level: SAFENO_CODE
Full Analysis
- Prompt Injection (SAFE): No malicious instructions designed to bypass safety filters or extract system prompts were found. Directional terms like 'IMPORTANT' are used legitimately to emphasize review standards.
- Data Exposure & Exfiltration (SAFE): The skill does not access sensitive local file paths (e.g., SSH keys, credentials) and contains no hardcoded secrets.
- Unverifiable Dependencies & Remote Code (SAFE): No external packages or remote scripts are downloaded or executed. The skill consists only of instructional Markdown.
- Indirect Prompt Injection (SAFE): While the skill analyzes user-provided content and utilizes web search capabilities for research, it does not possess executive tools (like file-writing or code execution) that would make it vulnerable to indirect exploitation.
- Privilege Escalation & Persistence (SAFE): No commands related to system modification, privilege escalation (e.g., sudo), or persistence (e.g., cron jobs) are present.
Audit Metadata