tzurot-docs
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Prompt Injection] (SAFE): No instructions to override safety filters or bypass constraints were found. The instructional language is benign and task-oriented.
- [Data Exposure & Exfiltration] (SAFE): The skill interacts with local project files (CURRENT.md, BACKLOG.md) for documentation management. No hardcoded credentials, sensitive system paths, or network exfiltration patterns were detected.
- [Remote Code Execution] (SAFE): No remote scripts, package installations, or dynamic code execution patterns are present.
- [Command Execution] (SAFE): The skill contains no shell commands, subprocess calls, or privilege escalation attempts.
- [Indirect Prompt Injection] (SAFE): The skill has an ingestion surface (reading CURRENT.md and BACKLOG.md), but lacks any exploitable capabilities such as network operations or command execution. This renders the surface harmless for prompt injection.
Audit Metadata