creating-process-files
Pass
Audited by Gen Agent Trust Hub on Feb 14, 2026
Risk Level: LOWNO_CODEPROMPT_INJECTION
Full Analysis
- [NO_CODE] (SAFE): The skill is composed entirely of markdown instructions. No executable scripts, binaries, or commands were found in the provided files.
- [PROMPT_INJECTION] (LOW): The skill possesses an indirect prompt injection surface as it instructs the agent to read a 'provided file' (SKILL.md, Phase 1). This is mitigated by the skill's limited capabilities, which are restricted to display and drafting. 1. Ingestion point: Phase 1, Step 1; 2. Boundary markers: Absent; 3. Capability inventory: Text generation only; 4. Sanitization: Absent.
- [EXTERNAL_DOWNLOADS] (SAFE): The credits.md file contains links to external resources for reference only. No automated downloading or execution of remote code occurs.
Audit Metadata