beyond-solid-principles
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is implemented entirely through Markdown documentation and instructions. It does not include any executable code, shell scripts, or external dependencies that could pose a risk to the environment.
- [PROMPT_INJECTION]: The skill processes untrusted, user-provided source code for analysis, which creates a potential surface for indirect prompt injection. Ingestion points: Target source code files and directories identified in the workflow section of SKILL.md. Boundary markers: The instructions do not specify the use of delimiters or guardrails to prevent the AI from following instructions embedded in the analyzed code. Capability inventory: The skill is restricted to file reading and text-based response generation; it does not possess network or system-modification capabilities. Sanitization: No input validation or code sanitization logic is provided in the skill files.
Audit Metadata