schema-builder
Pass
Audited by Gen Agent Trust Hub on Feb 18, 2026
Risk Level: SAFENO_CODE
Full Analysis
- Prompt Injection (SAFE): No instructions found that attempt to bypass safety filters or override agent behavior.
- Data Exposure & Exfiltration (SAFE): No access to sensitive file paths or unauthorized network domains was detected.
- Obfuscation (SAFE): No encoded strings, zero-width characters, or hidden content were found.
- Unverifiable Dependencies & Remote Code Execution (SAFE): The skill references TypeScript libraries for schema definition but does not perform package installations or remote script executions.
- Privilege Escalation (SAFE): No commands requesting administrative or elevated permissions were found.
- Persistence Mechanisms (SAFE): No attempts to modify system startup or configuration files were detected.
- Metadata Poisoning (SAFE): Metadata accurately reflects the skill's purpose without deceptive instructions.
- Indirect Prompt Injection (LOW): The skill acts as a template for schema generation. While it processes user data, it has no active capabilities (like file writing or command execution) that could be exploited via injection.
- Time-Delayed / Conditional Attacks (SAFE): No time-gated or environment-triggered logic was found.
- Dynamic Execution (SAFE): No runtime code generation or dynamic script execution was detected.
Audit Metadata