platform-infrastructure
Pass
Audited by Gen Agent Trust Hub on Feb 19, 2026
Risk Level: SAFE
Full Analysis
- [Prompt Injection] (SAFE): The skill contains standard operational instructions for an engineering task and does not include any patterns typical of jailbreaks or safety filter bypasses.
- [Data Exposure & Exfiltration] (SAFE): No hardcoded credentials, sensitive file paths (like .ssh or .aws), or network exfiltration patterns were found. The skill focuses on generating planning documents based on user-provided architecture details.
- [Obfuscation] (SAFE): All content is provided in clear text markdown. No Base64, zero-width characters, or homoglyphs were detected.
- [Unverifiable Dependencies & Remote Code Execution] (SAFE): The skill does not include any package manager files (package.json, requirements.txt) or commands to download/execute remote scripts (curl | bash).
- [Indirect Prompt Injection] (LOW): The skill processes user-provided architectural constraints and pain points to generate reports. While this provides a surface for data ingestion, the skill lacks automated execution capabilities that would make such an injection high risk. It also explicitly instructs the agent to require confirmation for production changes.
- [Privilege Escalation & Persistence] (SAFE): No commands related to sudo, systemd, crontab, or startup registry keys are present.
Audit Metadata