json-tools
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Data Exposure & Exfiltration] (SAFE): No hardcoded credentials or unauthorized data transmission patterns detected. The scripts only access files or input explicitly provided as arguments.
- [Unverifiable Dependencies & Remote Code Execution] (SAFE): The skill contains no external dependencies and uses only Python standard library modules. No dynamic code execution functions like eval() or exec() are present.
- [Obfuscation] (SAFE): The code is clear, well-commented, and contains no hidden or encoded segments.
- [Indirect Prompt Injection] (SAFE): The skill processes external JSON data, which is an inherent risk surface for indirect injection. However, since the skill has no high-risk capabilities (like network access or shell execution), this surface is considered safe in this context.
- Ingestion points: validate_json.py, format_json.py, query_json.py, diff_json.py (via file, stdin, or string arguments).
- Boundary markers: Absent.
- Capability inventory: Only standard file reading and console output.
- Sanitization: Content is strictly parsed using the standard json.loads() method.
Audit Metadata