Client Onboarding Designer
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOWNO_CODE
Full Analysis
- [PROMPT_INJECTION] (SAFE): No instructions found that attempt to override agent behavior, bypass safety guidelines, or extract system prompts. The content is strictly limited to onboarding process design.
- [DATA_EXFILTRATION] (SAFE): No access to sensitive file paths (~/.ssh, .env), hardcoded credentials, or network operations (curl, wget) are present.
- [EXTERNAL_DOWNLOADS] (SAFE): No remote script downloads or external package installations (npm, pip) are requested.
- [REMOTE_CODE_EXECUTION] (SAFE): There are no patterns for executing remote code or evaluating dynamic strings.
- [COMMAND_EXECUTION] (SAFE): No shell commands, subprocess calls, or administrative privilege requests (sudo) were identified.
- [INDIRECT_PROMPT_INJECTION] (LOW): While the skill involves a discovery phase that ingests client requirements (untrusted data), the skill lacks any write, execute, or network capabilities, making the impact of any embedded instructions negligible.
- [NO_CODE] (SAFE): The file is entirely composed of descriptive text and organizational templates without any active logic or executable scripts.
Audit Metadata