otp-thinking
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW
Full Analysis
- [PROMPT_INJECTION] (SAFE): The skill contains no instructions designed to bypass AI safety filters or override system prompts. Its content is strictly focused on providing technical guidance for Elixir/OTP development.
- [DATA_EXFILTRATION] (SAFE): No network operations (such as curl, wget, or fetch) or access to sensitive local file paths (like credentials or SSH keys) were found.
- [REMOTE_CODE_EXECUTION] (SAFE): The skill does not perform any remote downloads or execute external scripts. It mentions standard Elixir libraries such as Oban, Broadway, and Horde as architectural recommendations, but does not include commands to install or execute them maliciously.
- [COMMAND_EXECUTION] (SAFE): No shell commands, subprocess calls, or privilege escalation attempts (such as sudo or chmod) are present in the skill.
- [OBFUSCATION] (SAFE): All content is provided in clear-text Markdown and Elixir code snippets. There is no evidence of Base64 encoding, zero-width characters, or other obfuscation techniques.
- [INDIRECT_PROMPT_INJECTION] (SAFE): While the skill influences how an agent reasons about Elixir code, it does not ingest untrusted external data or provide an attack surface for third-party instructions.
Audit Metadata