keyword-cluster-builder
Pass
Audited by Gen Agent Trust Hub on Feb 19, 2026
Risk Level: SAFENO_CODE
Full Analysis
- Prompt Injection (SAFE): No instructions found that attempt to bypass safety filters or override system prompts.
- Data Exposure & Exfiltration (SAFE): No hardcoded credentials or attempts to access sensitive local files or external networks.
- Remote Code Execution (SAFE): The skill does not download or execute any external scripts or packages.
- Command Execution (SAFE): No system commands or subprocess calls are present.
- Indirect Prompt Injection (SAFE): The skill processes untrusted input in the form of seed keywords. (Evidence: 1. Ingestion point: seed keywords in SKILL.md; 2. Boundary markers: absent; 3. Capability inventory: none; 4. Sanitization: absent). However, because the skill has no capabilities (network, file-write, or execution), this surface is not exploitable.
Audit Metadata