pygame-patterns
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW (PROMPT_INJECTION)
Full Analysis
- Prompt Injection (LOW): The skill possesses an indirect prompt injection surface as it reads local project files to inform its patterns.
  - Ingestion points: Reads files like `src/entities/*.py` and `pyproject.toml` using the `Read` tool.
  - Boundary markers: Absent; no instructions to ignore embedded commands are present in the skill instructions.
  - Capability inventory: Uses filesystem reading tools (`Read`, `Grep`, `Glob`) which influence agent code generation.
  - Sanitization: Absent; the skill does not filter or validate the content of the project files it reads.
- Data Exposure & Exfiltration (SAFE): No evidence of hardcoded credentials, sensitive file access, or network communication patterns was detected.
- Obfuscation (SAFE): No encoded content, hidden characters, or other obfuscation techniques are present.
- Remote Code Execution (SAFE): No patterns for downloading or executing remote code or untrusted packages were found.
- Dynamic Execution (SAFE): The skill provides static templates and does not perform runtime code generation or unsafe data deserialization.
Audit Metadata