status-reporter
Pass
Audited by Gen Agent Trust Hub on Apr 13, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill's primary function is to structure and format user-provided operational data into reports. It provides templates and guidelines for KPIs, weekly, and monthly status reporting.
- [DATA_EXFILTRATION]: No network tools, sensitive file access patterns, or exfiltration vectors were detected. The skill generates text output based on user inputs.
- [INDIRECT_PROMPT_INJECTION]: The skill processes external data (KPI metrics and user documents) to generate its reports. While this establishes a potential surface for indirect prompt injection, the skill lacks dangerous capabilities such as command execution, file system modification, or network access, which prevents an attacker from escalating the injection into a meaningful exploit.
- [METADATA_POISONING]: The metadata and descriptions accurately reflect the skill's functionality. References to other modules such as 'moai-finance' and 'moai-hr' are consistent with the vendor's naming conventions and provide clear guidance for domain-specific tasks.
Audit Metadata