log-skill
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW
Full Analysis
- [NO_CODE] (SAFE): The skill is comprised entirely of Markdown templates and instructional text. No executable scripts, subprocess calls, or system commands are included in the definition.
- [DATA_EXPOSURE] (INFO): The skill suggests storing logs in local workspace directories (
agents/and.sop-engine/). It does not include logic for transmitting this data over a network or accessing sensitive system files. - [INDIRECT_PROMPT_INJECTION] (LOW): As a logging utility, the skill is designed to capture inputs and outputs. While these logs could contain malicious instructions if the agent processes untrusted data, the skill itself provides only the structure for documentation and does not introduce active execution vulnerabilities.
Audit Metadata