food
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Overall Security] (SAFE): The skill is entirely declarative, consisting of Markdown instructions and templates. It lacks any scripts (.py, .js, .sh), binaries, or automation code.
- [Prompt Injection] (SAFE): No malicious override instructions or safety bypass patterns were detected. The instructions prioritize accuracy and user transparency ('No fake names', 'Tool invisible').
- [Data Exposure] (SAFE): The skill does not access sensitive local file paths (like ~/.ssh or ~/.aws) or attempt to extract credentials. It only processes user-provided location and dining preferences.
- [External Downloads / RCE] (SAFE): There are no remote script executions, package installations, or downloads from untrusted sources. The references point to internal documentation files (references/sources_cn.md).
- [Indirect Prompt Injection] (LOW): While the skill ingests data from external sources like maps and dining platforms, it includes strict boundary markers and instructions to verify data and treat it as a 'snapshot' rather than absolute fact, mitigating the risk of instructions embedded in external content.
Audit Metadata