iso-27001-controls

Pass

Audited by Gen Agent Trust Hub on Mar 4, 2026

Risk Level: SAFE, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill includes links to external security policies and compliance documentation on GitHub repositories belonging to the vendor (Hack23) and the official ISO website. These references are purely informational and do not involve remote code execution.
  • [COMMAND_EXECUTION]: A compliance check script uses standard command-line tools like curl, openssl, and Node.js packages (htmlhint, linkinator) to verify security headers and site integrity. These actions are aligned with the skill's purpose as a security auditing tool and do not involve unauthorized command execution.
  • [SAFE]: No evidence of prompt injection, data exfiltration, or obfuscation was detected. All external resources originate from the vendor's infrastructure or well-known trusted sources.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 4, 2026, 11:08 PM