technical-constitution
Pass
Audited by Gen Agent Trust Hub on Feb 24, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious code, hidden scripts, or dangerous network operations were detected in the skill contents. The skill is purely informational and instructional.
- [PROMPT_INJECTION]: The skill uses high-priority directives and imperative language (e.g., 'CRITICAL GOVERNANCE NOTICE', 'MANDATORY COMPLIANCE') to ensure its technical standards are followed. While these match markers for instruction overrides, they are applied here to enforce security principles (like OWASP compliance) rather than to bypass safety guardrails.
- [COMMAND_EXECUTION]: The document includes explicit security guidelines forbidding the execution of unsanitized user input and advising against running commands with root/admin privileges without human intervention.
- [CREDENTIALS_UNSAFE]: The configuration management section provides templates for environment variables and secrets (e.g., '.env.template'), but all sensitive values are generic placeholders (e.g., 'a_very_secure_production_password').
Audit Metadata