hypothesis-library
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [No Executable Code] (SAFE): The skill consists entirely of Markdown text describing a framework and templates. There are no scripts (.py, .js, .sh), binaries, or configuration files that could execute commands.
- [Remote Code Execution] (SAFE): No external URLs, package managers (pip, npm), or remote script download patterns were detected.
- [Data Exposure & Exfiltration] (SAFE): There are no references to sensitive local file paths (e.g., credentials, SSH keys) or network operations that could exfiltrate data.
- [Prompt Injection] (SAFE): The text contains standard instructional content for organizing research and does not include any bypass attempts, role-play instructions, or commands to ignore system safety guidelines.
- [Indirect Prompt Injection] (SAFE): While the skill defines surfaces for ingesting untrusted data (such as user-submitted hypotheses), it lacks any tools, scripts, or network capabilities that could be exploited via malicious data input.
Audit Metadata