embedded-best-practices
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW
Full Analysis
- [SAFE] (SAFE): Analysis of the skill body and metadata reveals no malicious patterns, prompt injection attempts, or unauthorized data access routines.
- [DATA_EXPOSURE & EXFILTRATION] (SAFE): The skill does not access sensitive system paths or credentials. No network-capable tools or operations are defined.
- [INDIRECT_PROMPT_INJECTION] (LOW): The skill possesses an attack surface via the
Read,Grep, andGlobtools, which allow it to ingest local source code. However, as the skill lacks write, execute, or network capabilities, the potential impact of processed malicious content is restricted to local reasoning influence only. - [REMOTE_CODE_EXECUTION] (SAFE): No remote code downloads or dynamic execution patterns were identified.
Audit Metadata