retailer-negotiation-prep
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [NO_CODE]: The skill is composed strictly of Markdown documentation and YAML metadata. It contains no implementation code, such as Python scripts (.py), Node.js scripts (.js), or shell scripts (.sh), eliminating risks associated with remote code execution or command injection.
- [SAFE]: No malicious patterns were detected during analysis. There is no evidence of obfuscated content (e.g., Base64, homoglyphs), hardcoded credentials, or suspicious remote URL references. The skill's stated purpose as a negotiation preparation tool aligns perfectly with its instructional content.
- [PROMPT_INJECTION]: The skill processes user-supplied business data (e.g., retailer performance and trade terms). While this creates a data ingestion surface, the skill has no underlying tools or capabilities (e.g., web browsing, file system modification, or API calls) that could be exploited via indirect prompt injection. The risk is effectively neutralized by the absence of executable capabilities.
Audit Metadata