survey-creator
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [NO_CODE] (SAFE): The analyzed file is a markdown document (SKILL.md) containing only metadata and instructional text. No executable scripts (Python, JavaScript, Shell) or configuration files were provided.
- [COMMAND_EXECUTION] (SAFE): While the metadata explicitly allows the
Bashtool, there are no scripts or instructions within the file that utilize this tool for command execution. - [PROMPT_INJECTION] (SAFE): The content consists of standard instructional language for an AI agent. No patterns associated with role-play, jailbreaking, or overriding safety guidelines were found.
- [DATA_EXFILTRATION] (SAFE): No hardcoded credentials, sensitive file paths, or network operations were identified.
- [INDIRECT_PROMPT_INJECTION] (LOW): This skill defines a high-capability surface by allowing
Bash,Write, andEdittools and triggers on user-provided strings. While no malicious behavior is present, this combination represents a vulnerability surface if the skill were to process untrusted external data without sanitization. - Ingestion points: User requests mentioning "survey creator".
- Boundary markers: Not present in the instruction set.
- Capability inventory: Read, Write, Edit, Bash.
- Sanitization: No explicit sanitization or validation logic is defined in the documentation.
Audit Metadata