applying-brand-guidelines
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW
Full Analysis
- Prompt Injection (SAFE): No malicious instructions or bypass attempts were found. The skill uses natural instructional language to guide the AI in writing tasks without attempting to override system constraints.
- Data Exposure & Exfiltration (SAFE): The skill does not access sensitive system files, environment variables, or hardcoded credentials. It only references its own markdown documentation.
- Unverifiable Dependencies & Remote Code Execution (SAFE): There are no scripts or configuration files (e.g., package.json, requirements.txt) that would trigger package installation or remote code execution.
- Obfuscation (SAFE): All content is in plain-text markdown. No Base64 encoding, zero-width characters, or homoglyphs are present.
- Indirect Prompt Injection (SAFE): While the skill processes brand guidelines (which could be untrusted), its capabilities are limited to text generation for display. It lacks the ability to execute commands, write files, or perform network requests, neutralizing the risk of side-effect-based injection.
Audit Metadata