Skills
skills/melodic-software/claude-code-plugins/event-storming/Gen Agent Trust Hub

event-storming

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFENO_CODE
Full Analysis
  • [NO_CODE] (SAFE): All files are Markdown (.md). There are no executable scripts (Python, Bash, JavaScript), package manifests (package.json, requirements.txt), or compiled binaries provided in the skill.
  • [EXTERNAL_DOWNLOADS] (SAFE): The skill does not attempt to download external assets, libraries, or remote code. All references are internal to the skill's own documentation files.
  • [PROMPT_INJECTION] (SAFE): While the file references/persona-prompts.md contains role-play instructions (e.g., 'Analyze {domain} from a Subject Matter Expert perspective'), these are legitimate functional templates for the intended workshop purpose. No patterns for safety filter bypass or system prompt extraction were detected.
  • [DATA_EXFILTRATION] (SAFE): No commands or functions exist within the skill to access local files, credentials, or perform network requests to external domains.
  • [INDIRECT_PROMPT_INJECTION] (SAFE): The skill defines an attack surface by interpolating user-provided variables (like {domain} or {persona_outputs}) into subsequent prompts. However, as the skill lacks any 'capabilities' (file system write, network access, or command execution), this surface cannot be exploited to cause harm beyond the text conversation itself.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 17, 2026, 06:07 PM