chain-spec-risk-metrics
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW
Full Analysis
- [Prompt Injection] (SAFE): No instructions found that attempt to bypass safety filters, extract system prompts, or override agent constraints.
- [Data Exposure & Exfiltration] (SAFE): No sensitive file paths, hardcoded credentials, or network requests (curl/wget/fetch) are present.
- [Unverifiable Dependencies & Remote Code Execution] (SAFE): The skill does not install third-party packages or download/execute remote scripts. It relies on local template files.
- [Indirect Prompt Injection] (LOW):
- Ingestion points: Processes user-provided initiative goals and constraints in Step 1.
- Boundary markers: None explicitly defined for user input.
- Capability inventory: The skill is limited to generating text (specifications, risk registers, and metrics). It has no file-write, subprocess, or network capabilities.
- Sanitization: Not present, but the lack of dangerous capabilities mitigates the risk.
- [Obfuscation] (SAFE): No Base64, zero-width characters, or encoded content detected.
- [Privilege Escalation & Persistence] (SAFE): No commands related to sudo, chmod, or modifying system startup files.
Audit Metadata