calorie-counter
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is purely instructional and relies on the AI agent's native capabilities to parse user input and manage a local JSON file.
- [DATA_EXPOSURE_AND_EXFILTRATION]: Data storage is restricted to a local path (~/Documents/xiaodazi/calories.json). No network requests or data transmission logic is present.
- [REMOTE_CODE_EXECUTION]: There are no scripts (.sh, .py, .js) or commands that download or execute external code.
- [INDIRECT_PROMPT_INJECTION]: While the skill processes untrusted user input (food descriptions), it has no high-risk capabilities (like shell access or network requests) to exploit.
- Ingestion points: User food descriptions provided via chat.
- Boundary markers: Not explicitly defined.
- Capability inventory: Local file write to a specific JSON path.
- Sanitization: None, but the risk is minimal given the lack of dangerous tools.
Audit Metadata