sensitivity-check
Pass
Audited by Gen Agent Trust Hub on Feb 25, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes local TypeScript scripts (
scripts/representation-map.tsandscripts/sensitivity-audit.ts) to automate character analysis and pattern detection. These scripts are invoked usingdeno run --allow-read, enforcing a restricted permission set that prevents network access or file system modifications. - [SAFE]: A comprehensive analysis across all threat categories detected no malicious indicators. The skill does not contain hardcoded credentials, obfuscated logic, or remote code dependencies. The author, jwynia, is a recognized vendor, and all logic is consistent with the skill's stated evaluative purpose.
- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface as it processes untrusted manuscript and character data. 1. Ingestion points: Manuscript text files and character JSON files processed by the provided audit and mapping scripts. 2. Boundary markers: None; the scripts ingest raw file content for pattern matching and statistical analysis. 3. Capability inventory: The analysis environment is limited to read-only file system access and standard output for reporting. 4. Sanitization: No sanitization or escaping is performed on input data before processing, which is standard for diagnostic pattern matching tools.
Audit Metadata