flame-systems
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION] (SAFE): No malicious instructions, bypass attempts, or role-play injections were found in the metadata or any of the reference files.
- [DATA_EXFILTRATION] (SAFE): While
references/saveload.mdandreferences/multiplayer.mdinclude code for file system access and network communications (WebSockets and Firebase), these are standard implementations for saving game state and handling multiplayer synchronization. No sensitive system paths or credential exfiltration patterns were identified. - [REMOTE_CODE_EXECUTION] (SAFE): The skill does not contain any executable scripts or patterns that download and run remote code. All logic is provided as static reference code in markdown format.
- [INDIRECT_PROMPT_INJECTION] (SAFE): Several systems, such as Dialogue and Localization, demonstrate patterns for ingesting external JSON data. This is a standard architectural practice for data-driven games and does not present a vulnerability in the context of this reference material.
- [OBFUSCATION] (SAFE): No hidden characters, encoded commands, or deceptive Unicode usage was found. The Chinese characters present in the documentation and localization examples are the intended content for multi-language support.
Audit Metadata