deep-post-ideas
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- Prompt Injection (SAFE): No instructions found that attempt to bypass safety filters, override system instructions, or extract underlying prompts. The instructions focus entirely on the transformation of reference material into specific text formats.
- Data Exposure & Exfiltration (SAFE): There are no commands that access sensitive file paths (e.g., .ssh, .aws) or hardcoded credentials. The skill does not perform any network operations to send data externally.
- Unverifiable Dependencies & Remote Code Execution (SAFE): The skill does not include any package installation commands or remote script execution patterns (e.g., curl | bash). It is purely markdown-based with no associated scripts.
- Indirect Prompt Injection (LOW):
  - Ingestion points: The skill processes user-provided "reference material" as input in Step 1.
  - Boundary markers: None explicitly defined to separate user data from instructions.
  - Capability inventory: No subprocess calls, file writing, or network operations are present in any file.
  - Sanitization: No specific sanitization logic is present, but the lack of dangerous capabilities mitigates the risk of an indirect injection causing system harm.
- Obfuscation (SAFE): No Base64, zero-width characters, or homoglyph-based obfuscation techniques were detected in the text or metadata.
- Privilege Escalation & Persistence (SAFE): No commands related to sudo, chmod, or modifying system startup files/crontabs were found.