energy-management
Pass
Audited by Gen Agent Trust Hub on Feb 19, 2026
Risk Level: SAFENO_CODEPROMPT_INJECTION
Full Analysis
- [NO_CODE] (SAFE): This skill consists exclusively of Markdown-based workflows, templates, and guidance. No executable code, shell scripts, or binaries are present in the skill package.
- [PROMPT_INJECTION] (LOW): Indirect Prompt Injection Surface. Evidence Chain: 1) Ingestion points: The skill ingests untrusted user data in the form of 'calendar text dumps' or 'narratives' as specified in SKILL.md (Workflow Step 2 and 4) and references/INTAKE.md. 2) Boundary markers: Absent; the skill does not instruct the agent to use delimiters or to disregard instructions found within the user's calendar data. 3) Capability inventory: None. The skill generates text outputs only and lacks access to network requests, file system writes, or subprocess execution. 4) Sanitization: Absent.
- [DATA_EXPOSURE_AND_EXFILTRATION] (SAFE): No hardcoded secrets or data exfiltration patterns were detected. The skill includes specific safeguards in SKILL.md and references/CHECKLISTS.md explicitly instructing the agent not to request credentials or sensitive personal health information.
Audit Metadata