acr
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE NO_CODE
Full Analysis
- Prompt Injection (SAFE): The documentation does not contain any instructions that attempt to subvert the agent's behavior or safety guidelines.
- Data Exposure & Exfiltration (SAFE): No hardcoded credentials or sensitive file paths were identified. Usage of sensitive commands in examples is properly parameterized or uses placeholders (e.g., , xxx, your-password).
- Obfuscation (SAFE): There is no evidence of Base64, zero-width characters, or homoglyphs used to hide commands or instructions.
- Unverifiable Dependencies & Remote Code Execution (SAFE): The skill contains no executable scripts. While it describes how to install external tools (e.g., Notation CLI) and references scripts like 'check-expansion.sh', these instructions are directed at the user and reference trusted GitHub releases or Microsoft domains (aka.ms). The skill itself does not perform any runtime downloads.
- Persistence Mechanisms (SAFE): No persistence or privilege escalation patterns were found, as the skill lacks executable components like shell profile modifications.
- Indirect Prompt Injection (SAFE): As a knowledge-only skill without tool execution or dynamic command capabilities, the surface for indirect prompt injection is non-exploitable within the context of this skill.
Audit Metadata