fantasy-lineup-optimizer
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW
Full Analysis
- Prompt Injection (SAFE): No instructions found that attempt to bypass safety filters, override system prompts, or extract internal instructions.
- Data Exposure & Exfiltration (SAFE): No hardcoded credentials, sensitive file paths (e.g., .ssh, .aws), or network-based exfiltration patterns were identified.
- Unverifiable Dependencies & Remote Code Execution (SAFE): The skill does not reference or install any external Python or Node.js packages, nor does it attempt to download and execute remote scripts.
- Indirect Prompt Injection (LOW): The skill is designed to process external sports data (matchups, injuries). While this is an ingestion surface for untrusted data, the skill lacks any capabilities (such as subprocess execution, file writing, or network access) to perform side-effect actions, limiting the risk to the agent's internal reasoning.
- Dynamic Execution (SAFE): No evidence of runtime code generation, unsafe deserialization (e.g., pickle), or library injection techniques.
Audit Metadata