eve-read-eve-docs
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is composed exclusively of Markdown documentation files (
SKILL.mdand several reference files in thereferences/directory). - [NO_CODE]: There are no scripts (Python, JavaScript, etc.) or executable binaries included in the skill.
- [PROMPT_INJECTION]: No malicious prompt injection patterns, such as instructions to ignore safety filters or bypass system prompts, were found. The 'Hard Rules' in
SKILL.mdare standard operational guidelines for the agent to follow when interpreting the documentation. - [CREDENTIALS_UNSAFE]: While the documentation mentions various sensitive environment variables (e.g.,
ANTHROPIC_API_KEY,EVE_BOOTSTRAP_TOKEN,DATABASE_URL) and credential prefixes (e.g.,sk-ant-oat01-), these are used solely as placeholders, descriptive examples, or architectural references within the documentation. No actual hardcoded secrets or sensitive tokens are present. - [EXTERNAL_DOWNLOADS]: The documentation references several well-known and trusted external services, including GitHub, Amazon ECR Public Gallery (
public.ecr.aws/w7c4v0w3), and Anthropic's API domains. These are documented neutrally as part of the system's operational requirements. - [COMMAND_EXECUTION]: The files contain extensive examples of CLI commands (e.g.,
eve auth login,eve env deploy,eve job create). These are provided for instructional purposes and do not represent a security risk within the context of a documentation-only skill.
Audit Metadata