wiki-qa
Pass
Audited by Gen Agent Trust Hub on Feb 19, 2026
Risk Level: SAFENO_CODE
Full Analysis
- NO_CODE (SAFE): The skill is composed strictly of Markdown instructions and documentation. No scripts or executable files (Python, Node.js, Shell) are present, which eliminates risks associated with command execution, remote code execution, or persistence.
- SAFE (SAFE): No malicious patterns such as direct prompt injection, obfuscation, or data exfiltration were detected. The skill uses standard instructional language and alignment rules to guide the agent in performing its primary function.
- INDIRECT_PROMPT_INJECTION (SAFE): While the skill involves reading external source files (an ingestion point for untrusted data), it lacks high-risk capabilities like network egress or local file system writes that would make indirect prompt injection a significant threat. The instructions specifically mandate grounding answers in evidence and citing sources, which serves as a defensive measure against instruction-overriding content in analyzed files.
Audit Metadata