tool-discovery
Pass
Audited by Gen Agent Trust Hub on Feb 20, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [NO_CODE] (SAFE): The skill is entirely composed of Markdown documentation and descriptive text files. It contains no executable scripts (Python, JS, or Shell).
- [EXTERNAL_DOWNLOADS] (SAFE): No external URLs or remote resources are referenced for download or execution. The references point to local markdown files.
- [DATA_EXFILTRATION] (SAFE): No network operations or sensitive file access patterns were identified.
- [PROMPT_INJECTION] (SAFE): The instructions provide benign decision logic for tool selection and do not contain markers associated with jailbreaking or safety filter bypass.
- [INDIRECT_PROMPT_INJECTION] (LOW): This category is flagged because the skill ingests user task descriptions to recommend tools. 1. Ingestion points: User-provided task queries (e.g., 'How to write a CTE?'). 2. Boundary markers: Absent in the provided skill body. 3. Capability inventory: The skill triggers the selection of other tools (Task/Skill tools). 4. Sanitization: No sanitization logic is present in the static files. This represents a standard interaction surface and is not inherently malicious.
Audit Metadata