branded-types
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- PROMPT_INJECTION (SAFE): Analysis of SKILL.md and CLAUDE.md confirms that no instructions attempt to override agent safety protocols, disregard previous instructions, or extract system prompts.
- DATA_EXFILTRATION (SAFE): No patterns for accessing sensitive file paths (~/.ssh, ~/.aws) or transmitting data via curl/wget were found. The skill operates entirely within the scope of TypeScript type definitions.
- COMMAND_EXECUTION (SAFE): The provided code snippets are TypeScript types and validation functions; there are no shell commands or subprocess execution patterns present.
- EXTERNAL_DOWNLOADS (SAFE): References to external libraries such as Zod and Drizzle are common development dependencies. There are no patterns for executing untrusted remote scripts (e.g., curl|bash).
- REMOTE_CODE_EXECUTION (SAFE): The skill does not implement any mechanisms for downloading or running arbitrary code from untrusted external sources.
- INDIRECT_PROMPT_INJECTION (SAFE): While the skill handles external data (e.g., in Zod validation), it promotes rigorous validation and sanitization via constructor functions, which serves as a defensive practice. No capability for dangerous code execution was found.
Audit Metadata