fpf-core
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill uses imperative instructions to enforce a specific reasoning methodology and persona (e.g., 'You are the principal, not the laborer'). While it attempts to constrain agent behavior to the framework's rules, these instructions are focused on methodology and do not target safety filter bypass or prompt extraction.
- [COMMAND_EXECUTION]: The framework requires the agent to write state information to local hidden files (e.g.,
.fpf/.session-active). These file operations are used strictly for session management and do not involve arbitrary shell command execution or privilege escalation. - [DATA_EXFILTRATION]: The skill records session-specific metadata, such as session IDs and timestamps, to local files. There are no network calls, external URL references, or indicators of data being sent to unauthorized domains.
Audit Metadata