shipping-products
Pass
Audited by Gen Agent Trust Hub on Feb 19, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [DATA_EXFILTRATION] (SAFE): No network requests, hardcoded credentials, or sensitive file paths were detected. The skill only produces text deliverables within the agent's environment.
- [PROMPT_INJECTION] (SAFE): No adversarial instruction-override markers or safety-bypass patterns were found. Instructional language is standard and descriptive.
- [REMOTE_CODE_EXECUTION] (SAFE): There is no code within this skill. All files are Markdown or JSON metadata. No remote execution patterns (e.g., curl | bash) are present.
- [EXTERNAL_DOWNLOADS] (SAFE): The
skillpack.jsonincludes upstream metadata URLs for reference purposes, but no assets or scripts are downloaded for execution during runtime. - [NO_CODE] (SAFE): This skill defines structure and workflow using Markdown templates only; it does not ship with any Python, JavaScript, or other executable scripts.
- [INDIRECT_PROMPT_INJECTION] (SAFE): While the skill ingests user context to generate launch plans, it lacks capabilities (like shell execution or file-writing logic) that would create an exploitable vulnerability surface.
Audit Metadata