project-structure
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- Prompt Injection (SAFE): No instructions found that attempt to override agent behavior or bypass safety filters.
- Data Exposure & Exfiltration (SAFE): No sensitive file access or network exfiltration patterns detected. Mentions of environment variables are for architectural organization only.
- Obfuscation (SAFE): No encoded content or hidden characters found.
- Unverifiable Dependencies & Remote Code Execution (SAFE): Mentions standard, trustworthy ecosystem packages (React Query, Axios, Zustand) in examples. No suspicious installation or remote execution commands.
- Privilege Escalation (SAFE): No commands involving sudo, chmod, or system-level permission changes.
- Persistence Mechanisms (SAFE): No attempts to modify shell profiles or system startup sequences.
- Metadata Poisoning (SAFE): Metadata fields are descriptive and contain no hidden instructions.
- Indirect Prompt Injection (SAFE): The skill provides static architectural templates and does not process untrusted external data.
- Time-Delayed / Conditional Attacks (SAFE): No logic found that triggers behavior based on time or environment conditions.
- Dynamic Execution (SAFE): No use of eval, exec, or runtime compilation techniques.
Audit Metadata