skill-validator
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFENO_CODE
Full Analysis
- SAFE (SAFE): No malicious patterns or security risks were identified in the skill definition or documentation.
- NO_CODE (SAFE): The skill consists only of a YAML configuration and a Markdown description; no executable scripts or logic are provided.
- DATA EXPOSURE & EXFILTRATION (SAFE): Although the skill takes a file path as input, it is constrained to metadata validation only and lacks network capabilities to exfiltrate data.
- INDIRECT PROMPT INJECTION (LOW): The skill ingests untrusted files from a directory for validation. (1) Ingestion point:
skill_directoryfiles. (2) Boundary markers: None specified. (3) Capability inventory: YAML and Markdown parsing for metadata validation. (4) Sanitization: Not explicitly documented, but the lack of follow-on actions (like command execution or network calls) mitigates risk.
Audit Metadata