eve-agent-native-design
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFENO_CODE
Full Analysis
- SAFE (SAFE): No malicious patterns or security risks were detected. The skill is entirely composed of markdown files providing design guidance.
- NO_CODE (SAFE): The skill does not include any executable scripts (Python, JS, Shell), which significantly reduces the potential for malicious behavior like command execution or remote code loading.
- Data Exposure & Exfiltration (SAFE): While the documentation mentions platform environment variables (e.g., EVE_PROJECT_ID) and API endpoints, it does so for instructional purposes only. No code is present to perform unauthorized access or exfiltration.
- Indirect Prompt Injection (SAFE): The skill describes an architecture involving 'Job Attachments' which process external data. However, since this is a design guide and not a functional implementation with tool-calling logic, no exploitable surface is provided in the skill itself.
Audit Metadata