navi-stream
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- Prompt Injection (SAFE): No instructions found that attempt to override agent behavior, bypass safety filters, or extract system prompts. The content is strictly documentation.
- Data Exposure & Exfiltration (SAFE): No sensitive file paths, hardcoded credentials, or network transmission commands (like curl or wget) were detected.
- Obfuscation (SAFE): No Base64 encoding, zero-width characters, or homoglyphs were used to hide malicious intent.
- Unverifiable Dependencies & Remote Code Execution (SAFE): The skill does not include any package manager commands (npm, pip) or remote script execution patterns. All code snippets are static examples for a DSL.
- Privilege Escalation (SAFE): No commands involving sudo, chmod, or system configuration modifications were present.
- Persistence Mechanisms (SAFE): No attempts to modify shell profiles, cron jobs, or startup services were found.
- Indirect Prompt Injection (SAFE): While the skill describes a language that processes external market data, it does not provide any capability to execute actions based on untrusted data; the logic is confined to mathematical and technical analysis calculations.
Audit Metadata