domain-ml
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFENO_CODE
Full Analysis
- Prompt Injection (SAFE): No instructions attempting to override agent behavior or bypass safety filters were detected.
- Data Exposure & Exfiltration (SAFE): No hardcoded credentials, sensitive file paths, or network operations were found.
- Obfuscation (SAFE): No Base64, zero-width characters, or other encoding techniques were used to hide content.
- Unverifiable Dependencies & Remote Code Execution (SAFE): No external script downloads or package installation commands are present. The mentioned Rust crates (e.g., candle, tch-rs) are standard industry libraries used for reference.
- Privilege Escalation (SAFE): No commands for elevating system privileges were identified.
- Persistence Mechanisms (SAFE): No attempts to modify system startup or configuration files were detected.
- Metadata Poisoning (SAFE): The metadata accurately describes the skill's purpose without deceptive instructions.
- Indirect Prompt Injection (SAFE): The skill provides patterns for processing local model files but does not include any untrusted data ingestion logic that could be exploited.
- Time-Delayed / Conditional Attacks (SAFE): No logic gating behavior based on time or environment conditions was found.
- Dynamic Execution (SAFE): The provided Rust code snippets use static patterns and safe initialization; no unsafe deserialization or runtime code generation is present.
Audit Metadata