platform
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE, NO_CODE
Full Analysis
- [Prompt Injection] (SAFE): The content consists of professional documentation and examples. No attempts to override agent instructions, bypass safety filters, or extract system prompts were found.
- [Data Exposure & Exfiltration] (SAFE): No hardcoded secrets, API keys, or sensitive file paths (e.g., .ssh or .aws) are present. The network endpoints used in examples (e.g., http://collector:4317) are standard for the technologies described.
- [Obfuscation] (SAFE): No Base64, zero-width characters, or other encoding techniques intended to hide malicious payloads were detected.
- [Remote Code Execution] (SAFE): The skill provides code snippets for educational purposes (HCL, TypeScript, Python). It does not contain any logic to download and execute remote scripts or binaries.
- [Privilege Escalation & Persistence] (SAFE): No commands for sudo, chmod 777, or system persistence mechanisms (like crontab or shell profile modifications) are included. It actually includes a security best practice example using Tetragon to block shell execution.
- [Indirect Prompt Injection] (SAFE): While the skill is designed to activate on specific keywords, it does not ingest or process untrusted external data in a way that exposes the agent to indirect injection during the analyzed scope.