cost-verification-auditor
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill identifies a surface for indirect prompt injection because it is designed to ingest and process untrusted user data for token estimation. Ingestion points: User prompts and source code snippets are processed in the calibration logic described in SKILL.md. Boundary markers: There are no instructions or delimiters suggested to isolate the ingested content from agent instructions. Capability inventory: The skill manifest authorizes the use of 'Bash', 'Read', and 'Write' tools. Sanitization: No sanitization or escaping of the processed text data is indicated in the guidelines.
- [No Code] (SAFE): The skill consists entirely of markdown documentation and reference data without any executable scripts or binary files, minimizing the risk of direct malicious execution.
Audit Metadata