assumption-checker
Pass
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [NO_CODE] (SAFE): The skill is composed exclusively of Markdown documentation and a YAML configuration file. There are no Python scripts, JavaScript files, or shell commands included.
- [PROMPT_INJECTION] (SAFE): The instructions are designed to improve task accuracy and do not contain directives to bypass safety filters, disregard system instructions, or extract system prompts.
- [DATA_EXPOSURE] (SAFE): The protocol encourages the agent to verify the existence of files or the reachability of APIs mentioned in a user's task. It does not contain hardcoded credentials or instructions to access sensitive system paths like SSH keys or environment secrets.
- [INDIRECT_PROMPT_INJECTION] (LOW): As the skill involves the agent inspecting external data sources (e.g., CSV files or database schemas) to verify assumptions, it is exposed to potential instructions embedded in that data. However, the skill provides a structured table-based output which helps maintain clear boundaries between data analysis and execution.
- Ingestion points: External files (e.g., CSV), API endpoints, and database schemas mentioned by the user (SKILL.md).
- Boundary markers: The skill uses Markdown tables to isolate verified data from the reasoning process, though it does not explicitly define delimiters for raw data inspection.
- Capability inventory: The skill relies on the host agent's native capabilities for file reading and network testing; it introduces no new capabilities.
- Sanitization: No explicit sanitization or escaping logic is provided within the instructional text.
Audit Metadata