buying-and-selling-items
Pass
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: SAFE
Full Analysis
- [Prompt Injection] (SAFE): The skill contains no instructions to override safety filters or ignore system prompts. It reinforces safety by explicitly forbidding the agent from posting to platforms or writing files, limiting interaction to chat only.
- [Data Exposure & Exfiltration] (SAFE): No credentials, secrets, or sensitive file paths are accessed. All operations are confined to researching item information and providing suggestions within the chat interface.
- [Remote Code Execution] (SAFE): No executable code or scripts are included in the skill files. The installation instructions use a standard CLI tool for the ecosystem and do not involve piping remote content directly into a shell.
- [Indirect Prompt Injection] (SAFE): The skill processes untrusted data from user-provided descriptions and marketplace search results. However, it lacks exploitable capabilities such as file-writing or system command execution. Evidence:
  1. Ingestion points: Item images and descriptions (SKILL.md).
  2. Boundary markers: None specified.
  3. Capability inventory: No dangerous tools or scripts present.
  4. Sanitization: None specified.

  The risk is considered negligible due to the absence of powerful capabilities.
Audit Metadata