reactions
Pass
Audited by Gen Agent Trust Hub on Feb 15, 2026
Risk Level: LOW
Full Analysis
- [Prompt Injection] (SAFE): The skill instructions do not contain any attempts to override system prompts or bypass safety filters.
- [Data Exposure & Exfiltration] (SAFE): The skill only communicates with a local service (localhost:23001). There is no access to sensitive files or external network communication.
- [Unverifiable Dependencies & Remote Code Execution] (SAFE): No external packages are installed, and no remote scripts are downloaded or executed.
- [Indirect Prompt Injection] (SAFE): The skill does not interpolate untrusted user content into the bash command, significantly reducing the risk of indirect injection attacks.
Audit Metadata