variation-theory
Pass
Audited by Gen Agent Trust Hub on Feb 20, 2026
Risk Level: SAFE
Full Analysis
- Prompt Injection (SAFE): No instructions found that attempt to override agent behavior, bypass safety filters, or extract system prompts. The content is purely instructional regarding educational theory.
- Data Exposure & Exfiltration (SAFE): No hardcoded credentials, sensitive file paths, or network-enabled commands (e.g., curl, wget) were detected.
- Obfuscation (SAFE): No use of Base64, zero-width characters, homoglyphs, or other obfuscation techniques was found.
- Unverifiable Dependencies & Remote Code Execution (SAFE): The skill does not perform any package installations or remote script executions. Code snippets in the documentation are for pedagogical illustration only.
- Privilege Escalation & Persistence (SAFE): No commands related to privilege escalation (e.g., sudo, chmod) or persistence (e.g., cron, startup scripts) were found.
- Metadata Poisoning (SAFE): Metadata in the YAML frontmatter and descriptions accurately reflects the skill's purpose and does not contain hidden instructions.
- Indirect Prompt Injection (SAFE): This skill provides static guidelines and does not ingest or process untrusted external data that could lead to injection.
Audit Metadata