perfecting-email-headlines
Pass
Audited by Gen Agent Trust Hub on Feb 18, 2026
Risk Level: SAFE
Full Analysis
- NO_CODE (SAFE): The skill consists entirely of markdown-based instructions for an LLM and does not include any executable scripts (Python, Javascript, Shell, etc.).
- EXTERNAL_DOWNLOADS (SAFE): No external URLs or package installations were detected.
- DATA_EXFILTRATION (SAFE): There are no commands or network operations that could exfiltrate data.
- PROMPT_INJECTION (SAFE): No malicious override or bypass patterns were detected in the instructions.
- INDIRECT_PROMPT_INJECTION (LOW): The skill processes user-supplied text (answers to discovery questions) which could contain embedded instructions. However, the skill has no executable capabilities (network, shell, file system), making the risk negligible.
- Ingestion points: User responses to the 'Discovery Questions' section in SKILL.md.
- Boundary markers: Absent; user input is directly integrated into the prompt flow.
- Capability inventory: None. The skill only generates text output and lacks access to system commands or external APIs.
- Sanitization: Absent.
Audit Metadata