trainer-design-workshop-outline
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOWNO_CODE
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill processes user-provided reference materials and requirements to generate outlines. While this is an ingestion surface, the skill has no 'write' or 'execute' capabilities (e.g., shell access, file writing, API calls). The risk is limited to the agent generating a structured response based on potentially malicious input text, but it cannot trigger system-level side effects.
- [Data Exposure & Exfiltration] (SAFE): No patterns for accessing sensitive files (~/.ssh, .env) or hardcoded credentials were found. There are no network-capable tools like curl or fetch defined.
- [Remote Code Execution] (SAFE): No external dependencies, package managers (npm, pip), or remote script execution patterns are present.
- [Persistence & Privilege Escalation] (SAFE): There are no commands related to system services, cron jobs, or administrative overrides (sudo).
Audit Metadata