skills/mcouthon/agents/critic/Gen Agent Trust Hub

critic

Pass

Audited by Gen Agent Trust Hub on Feb 22, 2026

Risk Level: SAFE
Full Analysis
  • Prompt Injection (SAFE): The instructions define a specific analytical persona for 'Critic Mode'. While it uses terms like 'Question everything', these are clearly contextual instructions for logic analysis and do not attempt to override the underlying AI safety filters or system constraints.
  • Data Exposure & Exfiltration (SAFE): No hardcoded credentials, sensitive file paths, or network operations (curl, wget, fetch) were found.
  • Unverifiable Dependencies & Remote Code Execution (SAFE): The skill is entirely markdown-based and does not include any scripts, package manifests (package.json, requirements.txt), or remote code download patterns.
  • Indirect Prompt Injection (SAFE): The skill is designed to analyze user-provided content. However, its capabilities are strictly limited to generating text-based questions ('Read-only mode'). It lacks the high-risk capabilities (file writing, network access, code execution) required for an indirect injection attack to be impactful.
  • Persistence and Privilege Escalation (SAFE): No commands related to system persistence (cron, startup scripts) or privilege escalation (sudo, chmod) are present.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 22, 2026, 10:37 PM