ai-evals

Pass

Audited by Gen Agent Trust Hub on Feb 19, 2026

Risk Level: SAFE
Full Analysis
  • [PROMPT_INJECTION] (SAFE): No malicious prompt injection patterns were found. The skill actually includes defensive patterns by instructing the agent to generate test cases specifically for prompt injection and jailbreak attempts.
  • [DATA_EXFILTRATION] (SAFE): No hardcoded credentials or data exfiltration commands detected. The skill provides clear instructions to redact PII and anonymize sensitive logs during the evaluation process.
  • [REMOTE_CODE_EXECUTION] (SAFE): No external downloads, package installations, or remote script execution patterns are present in the skill files.
  • [INDIRECT_PROMPT_INJECTION] (LOW): The skill has an ingestion surface for untrusted data (system descriptions and failure logs), but poses low risk as it only produces documentation. Evidence:
    1. Ingestion points: SUT descriptions and logs in SKILL.md and INTAKE.md.
    2. Boundary markers: Recommends anonymization and redaction rules.
    3. Capability inventory: No subprocess calls or code execution identified.
    4. Sanitization: Instructions for data cleaning are explicitly defined in the missing-info strategy.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Feb 19, 2026, 03:51 PM