verification-before-completion
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOWNO_CODE
Full Analysis
- [NO_CODE] (SAFE): Analysis of SKILL.md reveals no embedded scripts, configuration files, or command execution patterns. It is an instruction-only skill.
- [INDIRECT_PROMPT_INJECTION] (LOW): Vulnerability surface identified. (1) Ingestion: Agent reads test/linter outputs. (2) Boundaries: No explicit delimiter markers for untrusted output. (3) Capabilities: No subprocess, network, or file-write capabilities present in the skill. (4) Sanitization: None. Severity remains LOW as the skill only influences internal agent status reporting and does not possess capabilities for side effects.
- [EXTERNAL_DOWNLOADS] (SAFE): No remote resources or package managers (npm/pip) are utilized.
Audit Metadata