context-engine
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: Credential management follows strict isolation practices, using individual JSON files for brand profiles and environment variables for API keys, as documented in the security and agency guides.
- [SAFE]: External integrations are routed through recognized Model Context Protocol (MCP) servers for services like Salesforce, HubSpot, and Google Ads, ensuring communication with trusted platforms.
- [SAFE]: The content evaluation pipeline (eval-runner.py) implements automated quality checks, including hallucination detection and claim verification, which serve as internal safety mechanisms.
- [SAFE]: Documentation clearly defines permissions and approval hierarchies, restricting high-risk actions like budget modifications to administrative roles.
- [SAFE]: No patterns of prompt injection, data exfiltration, or obfuscated code were identified across the 31 markdown and configuration files analyzed.
Audit Metadata