skills/jeremylongshore/claude-code-plugins-plus-skills/building-recommendation-systems/Gen Agent Trust Hub
building-recommendation-systems
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The instructions and metadata are focused on the skill's primary purpose. No attempts to override agent behavior or bypass safety guidelines were found.
- [CREDENTIALS_UNSAFE]: No hardcoded secrets were detected. The configuration template (assets/configuration_template.yaml) correctly uses placeholders like 'YOUR_DATABASE_PASSWORD' for user-provided credentials.
- [EXTERNAL_DOWNLOADS]: The skill does not perform any remote downloads of scripts or data from untrusted sources.
- [DATA_EXFILTRATION]: There are no network operations or access requests for sensitive system files (e.g., .ssh, .env). The scripts are limited to local file system operations.
- [INDIRECT_PROMPT_INJECTION]: The skill defines an ingestion surface for untrusted data (user-item interactions).
  - Ingestion points: Data files processed via scripts/data_preprocessing.py and other utility scripts.
  - Boundary markers: No explicit delimiters are used to separate untrusted data from the agent context.
  - Capability inventory: The skill has access to powerful tools including Bash(cmd:*) and Write.
  - Sanitization: No sanitization of input data is performed. However, as the provided scripts only perform basic file metadata extraction and JSON validation, the risk of instruction execution from data is low.
Audit Metadata