validate-agent-files

Pass

Audited by Gen Agent Trust Hub on Feb 19, 2026

Risk Level: SAFE (NO_CODE)
Full Analysis
  • NO_CODE (SAFE): This skill contains no scripts, binaries, or automated tool definitions. It functions purely as a set of logical instructions for the AI to follow when reviewing files.
  • PROMPT_INJECTION (SAFE): No malicious override patterns, jailbreak attempts, or system prompt extraction techniques were detected. The instructional language is benign and focused on file formatting.
  • DATA_EXFILTRATION (SAFE): There are no network operations (curl, wget, fetch) or hardcoded credentials. The file paths mentioned (.github, .claude, etc.) are standard project configuration directories and do not target sensitive user data like SSH keys or environment variables.
  • REMOTE_CODE_EXECUTION (SAFE): There are no patterns for downloading or executing remote scripts or packages.
  • INDIRECT_PROMPT_INJECTION (SAFE): While the skill is designed to process external configuration files (the injection surface), it lacks any 'exploitable capabilities' such as shell execution or file writing that could be subverted by a malicious file being validated.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Feb 19, 2026, 10:18 PM