keyword-expansion
Pass
Audited by Gen Agent Trust Hub on Feb 19, 2026
Risk Level: SAFE
Full Analysis
- [Prompt Injection] (SAFE): No instructions found attempting to override agent behavior, bypass safety filters, or extract system prompts.
- [Data Exposure & Exfiltration] (SAFE): No access to sensitive file paths (~/.ssh, .env, etc.) or credentials. The skill is restricted to local markdown files and explicitly declares no network access.
- [Remote Code Execution] (SAFE): No patterns of downloading scripts or installing external packages were detected.
- [Indirect Prompt Injection] (LOW): The skill ingests untrusted data from
queries.md. While it lacks explicit boundary markers, the risk is minimal as the skill's only capability is writing back to local markdown files without any shell or network execution potential. - [Persistence & Privilege Escalation] (SAFE): No attempts to modify shell profiles, system services, or use elevated permissions like sudo.
Audit Metadata