admin-dashboard
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Prompt Injection] (SAFE): No instructions attempting to override agent behavior or bypass safety filters were found. The instructional content is limited to software development patterns.
- [Data Exposure & Exfiltration] (SAFE): No hardcoded credentials, sensitive file path leaks, or unauthorized network calls were detected. The skill explicitly provides patterns for secure data handling and authentication.
- [Remote Code Execution] (SAFE): While the skill's metadata allows for
npmandnpxcommand execution, there are no patterns involving the download and execution of untrusted remote scripts (e.g.,curl | bash). - [Indirect Prompt Injection] (LOW):
- Ingestion points: The skill interacts with the local codebase (React components, API routes) through Read, Write, and Edit tools.
- Boundary markers: None explicitly defined in the provided markdown.
- Capability inventory: Includes file system modification (Write, Edit) and package management commands (npm, npx).
- Sanitization: The skill contains explicit instructions to sanitize error logs and aggregate data to maintain HIPAA compliance, reducing the risk of accidental data leakage.
Audit Metadata