context-engineering
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION] (SAFE): The skill provides best practices for prompt engineering rather than attempting to bypass safety filters. It explicitly recommends using structured delimiters (XML tags) to separate instructions from untrusted context, which is a recognized security mitigation against prompt injection.
- [DATA_EXPOSURE] (SAFE): References to sensitive-looking paths like `/workspace/auth.py` are used strictly as illustrative examples for 'Targeted Reading' patterns and do not represent actual data access or hardcoded secrets.
- [COMMAND_EXECUTION] (SAFE): The mention of shell utilities such as `ls`, `grep`, and `sed` are described as conceptual patterns for context selection within the DeepAgents framework, not as commands intended for malicious execution.
- [EXTERNAL_DOWNLOADS] (SAFE): The documentation includes references to external educational resources (promptingguide.ai) but does not include any logic for downloading or executing remote code.
Audit Metadata