reference-lookup
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [DATA_EXPOSURE] (SAFE): The skill only accesses internal resource files (
references/codes.md,references/formats.md) via a standard resource reading tool. No sensitive file paths, credentials, or environment variables are accessed. - [REMOTE_CODE_EXECUTION] (SAFE): No code execution patterns, subprocess calls, or dynamic evaluation techniques are present. The skill consists entirely of markdown instructions and data.
- [EXTERNAL_DOWNLOADS] (SAFE): No external dependencies or remote script downloads are defined in the metadata or instructions.
- [PROMPT_INJECTION] (SAFE): Instructions follow standard patterns for task definition. No attempts to override system prompts, bypass safety filters, or extract system instructions were detected.
- [INDIRECT_PROMPT_INJECTION] (LOW):
- Ingestion points: The skill accepts user-provided error codes as input for lookup.
- Boundary markers: Not explicitly defined in the prompt interpolation logic.
- Capability inventory: Uses
read_skill_resourceto read local files. No high-risk capabilities like network access or shell execution. - Sanitization: None observed, but the risk is mitigated as the lookup targets static, trusted local files rather than arbitrary paths.
Audit Metadata