car-advisor
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill contains no instructions designed to override safety guidelines or hijack agent behavior. Its prompts are strictly limited to defining the scope and methodology for car comparisons and data retrieval.
- [EXTERNAL_DOWNLOADS]: The skill references established automotive platforms and official brand websites (e.g., Tesla, Xiaomi, Dongchedi, Autohome) for information gathering. These are well-known services within the specified domain, and no suspicious external script execution or file downloads were detected.
- [DATA_EXFILTRATION]: No unauthorized access to sensitive local files or data exfiltration attempts were found. The skill operates by fetching public automotive specifications and user reviews via standard web search.
- [CREDENTIALS_UNSAFE]: There are no hardcoded API keys, passwords, or secrets within the code. References to paid data services use placeholders for authentication tokens, which is standard practice.
- [COMMAND_EXECUTION]: The skill does not attempt to execute system-level commands, shell scripts, or any unauthorized software.
Audit Metadata