server-skills
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: CRITICAL
Full Analysis
- [SAFE] (SAFE): No malicious behaviors detected across all files. The skill serves as a documentation and auditing resource for developers.
- [EXTERNAL_DOWNLOADS] (SAFE): No remote scripts, package installations, or external downloads are initiated by the skill.
- [DATA_EXFILTRATION] (SAFE): No access to sensitive files (e.g., SSH keys, AWS credentials) or network exfiltration patterns were found.
- [PROMPT_INJECTION] (SAFE): No jailbreak attempts, role-play injections, or instructions to ignore system safety protocols are present.
- [INDIRECT_PROMPT_INJECTION] (LOW): The skill defines patterns for analyzing local source code using Grep. While it ingests file content (ingestion point), it includes specific defensive patterns for path traversal (Checklist 5 in fastapi.md) and relies on standard developer tools (Bash/Grep) for static analysis.
Recommendations
- Contains 1 malicious URL(s) - DO NOT USE
Audit Metadata