scope-validator
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Prompt Injection] (SAFE): No malicious instruction overrides or bypass attempts detected. The instructions are strictly focused on feature categorization and response templating.
- [Data Exposure & Exfiltration] (SAFE): No hardcoded credentials, sensitive file paths, or unauthorized network operations were identified. Links provided are for legitimate project resources.
- [Obfuscation] (SAFE): Content is clear and readable with no signs of encoding, hidden characters, or homoglyphs.
- [Unverifiable Dependencies & Remote Code Execution] (SAFE): The skill does not perform any remote code execution or download untrusted packages during runtime. Installation instructions use standard package management patterns.
- [Indirect Prompt Injection] (SAFE): While the skill processes user-provided feature descriptions, it lacks exploitable capabilities such as file-system access or outbound network requests. Its primary function is providing informational text responses.
- Ingestion points: User queries regarding feature scope.
- Boundary markers: None explicitly defined for input encapsulation.
- Capability inventory: Text-only output responses.
- Sanitization: Not applicable as no downstream execution or data persistence occurs.
Audit Metadata