draft-offer
Pass
Audited by Gen Agent Trust Hub on Apr 13, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill serves as a structured prompt for generating text documents. It does not utilize any external tools, scripts, or network capabilities.
- [NO_CODE]: There are no executable scripts (Python, JavaScript, etc.) or shell commands present in the skill file.
- [PROMPT_INJECTION]: The instructions are focused on guiding the AI through a document drafting workflow and do not contain patterns intended to bypass safety filters or override system-level constraints.
- [DATA_EXPOSURE]: No hardcoded credentials, API keys, or sensitive file paths were detected. The data requested from the user (e.g., candidate name, salary) is standard for the stated purpose of drafting an offer letter.
- [INDIRECT_PROMPT_INJECTION]: While the skill processes user-supplied data to fill templates, it lacks the technical capabilities (file writing, network requests, or shell execution) required to weaponize an injection attack.
Audit Metadata