raffle-winner-picker
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [Category 8: Indirect Prompt Injection] (LOW): The skill's primary function involves processing external data which is a surface for indirect prompt injection. Ingestion points: Google Sheet URLs and local file uploads (CSV/Excel) as described in SKILL.md. Boundary markers: None specified to delimit untrusted content or warn the agent. Capability inventory: Accessing external URLs and reading local filesystem data. Sanitization: No sanitization or instruction-ignoring logic is mentioned in the skill definition.
- [Category 10: Dynamic Execution] (SAFE): No executable code or runtime code generation patterns were detected.
Audit Metadata