deepgram-data-handling
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill serves as a security-focused documentation and code repository. It implements industry-standard data protection measures such as envelope encryption using AWS KMS and S3 server-side encryption.
- [COMMAND_EXECUTION]: The skill requests permissions for
kubectlandcurlin its metadata. These are high-privilege tools typical in enterprise environments for managing infrastructure, but they are not utilized in any malicious or suspicious manner within the provided code examples. - [DATA_EXFILTRATION]: The code includes an
AuditLoggerservice that can send events to a remote SIEM (Security Information and Event Management) endpoint. This feature is gated by environment variables (SIEM_ENDPOINT) and represents a standard security requirement for auditability in enterprise applications. - [PROMPT_INJECTION]: No evidence of prompt injection, instruction overrides, or behavior bypasses was detected. The instructions are focused on guiding the agent through data management workflows.
Audit Metadata