agents-md-guide

Pass

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: LOW
Full Analysis
  • PROMPT_INJECTION (SAFE): No attempts to override system prompts or bypass safety filters were detected. The instructions are purely focused on repository organization and token optimization.
  • DATA_EXPOSURE & EXFILTRATION (SAFE): The skill does not access sensitive local files or perform network requests. It mentions project configuration files (AGENTS.md) which are intended for public or shared repository contexts.
  • OBFUSCATION (SAFE): No encoded strings, homoglyphs, or hidden characters were found in any of the files.
  • EXTERNAL_DOWNLOADS (SAFE): The skill does not download external packages or scripts. It mentions common tools like pnpm or esbuild as examples in its documentation, but does not execute installation commands.
  • COMMAND_EXECUTION (SAFE): The SKILL.md file contains a documentation example for creating a symlink (ln -s), but this is presented as a manual step for the user rather than an automated script execution.
  • INDIRECT_PROMPT_INJECTION (LOW): While the skill is designed to help an agent process and refactor instructions from external files (AGENTS.md), its primary function is to reduce 'bloat' and simplify those instructions. The risk of the agent being manipulated by malicious instructions within the files it is refactoring is a baseline risk for any AI tool, but this skill does not increase that surface area or provide high-privilege write/execute capabilities.
Audit Metadata
Risk Level: LOW
Analyzed: Feb 16, 2026, 12:45 PM