what-if-oracle
Pass
Audited by Gen Agent Trust Hub on Apr 9, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill consists entirely of instructional prompts and templates for logical scenario analysis. It does not include any scripts, binaries, or automated command execution. No malicious patterns such as obfuscation, privilege escalation, or persistence were detected.
- [EXTERNAL_DOWNLOADS]: The skill references research papers hosted on Zenodo (a well-known repository for scientific data) and links to the author's official websites. These are informational references and do not involve the agent downloading or executing remote code at runtime.
- [DATA_EXFILTRATION]: There are no network tools (like curl or wget) or instructions to send data to external servers. The 'Read' and 'Write' tools listed in the allowed-tools configuration are used for standard file operations within the agent's scoped environment.
- [INDIRECT_PROMPT_INJECTION]: The skill processes user-provided scenarios. It includes a specific 'Phase 1' intended to sharpen and decompose user input into variables and constraints, which acts as a structured sanitization step that reduces the likelihood of the agent obeying embedded instructions within the user's scenario description.
Audit Metadata