demo-specialist

Pass

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: LOW
NO_CODE
Full Analysis
  • [Prompt Injection] (SAFE): The skill instructions are purely task-oriented and do not contain any patterns intended to bypass safety filters, extract system prompts, or override agent behavior.
  • [Data Exposure & Exfiltration] (SAFE): There are no commands or instructions that access sensitive files (~/.ssh, credentials, etc.), nor are there any hardcoded API keys or network exfiltration patterns.
  • [Obfuscation] (SAFE): All content is provided in plain text. No Base64, zero-width characters, homoglyphs, or encoded payloads were found.
  • [Unverifiable Dependencies & Remote Code Execution] (SAFE): The skill does not include any script files (.py, .js, .sh) or package manifest files (package.json, requirements.txt). There are no remote download or execution patterns.
  • [Privilege Escalation & Persistence] (SAFE): No commands or instructions related to administrative privileges, system configuration modification, or persistence mechanisms (cron, startup scripts) are present.
  • [Indirect Prompt Injection] (SAFE): The skill is a knowledge repository of frameworks and best practices. It does not define tools for ingesting or processing untrusted external data (like web scrapers or file readers), minimizing the surface area for indirect injection.
  • [Metadata Poisoning] (SAFE): The metadata in SKILL.md and rules files is consistent with the stated purpose of product demonstration expertise and contains no hidden instructions.
Audit Metadata
Risk Level: LOW
Analyzed: Feb 16, 2026, 03:39 AM