solid-principles
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [SAFE]: The skill consists entirely of instructional Markdown files and reference documentation. No executable code, scripts, or binary files are present in the package.
- [PROMPT_INJECTION]: The skill workflow involves processing user-provided source code, which is an indirect prompt injection surface. This surface is assessed as safe because the skill lacks operational capabilities like shell access, network requests, or file-writing tools. 1. Ingestion points: user-provided source code via SKILL.md. 2. Boundary markers: None. 3. Capability inventory: Textual analysis and reporting only. 4. Sanitization: None.
- [NO_CODE]: No Python or Node.js scripts were found in the skill package.
Audit Metadata