hypothesis-tree
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFENO_CODE
Full Analysis
- NO_CODE (SAFE): The skill contains no executable scripts (Python, JavaScript, Shell) or configuration files that could be used for malicious purposes. It is strictly a documentation-based skill.
- PROMPT_INJECTION (SAFE): No instructions attempt to override agent behavior, bypass safety filters, or extract system prompts. The instructions are purely pedagogical.
- DATA_EXFILTRATION (SAFE): No network operations (curl, wget, fetch) or sensitive file path access (SSH keys, credentials) are present in the text.
- INDIRECT_PROMPT_INJECTION (SAFE): While the skill processes user-provided questions to build trees, the agent lacks any capabilities (file-write, network, subprocess) to execute malicious instructions found in that data.
Audit Metadata