personal-assistant
Pass
Audited by Gen Agent Trust Hub on Feb 23, 2026
Risk Level: SAFE
Full Analysis
- Prompt Injection (SAFE): No patterns associated with prompt injection, safety bypasses, or instructions to ignore system rules were found in the provided instructions.
- Data Exposure & Exfiltration (SAFE): The skill's documentation indicates that data is stored locally at ~/.claude/personal_assistant/. The code does not contain any network operations (like curl or requests) to transmit data externally.
- Obfuscation (SAFE): All provided files are in plain text. No encoded strings, homoglyphs, or hidden characters were detected.
- Unverifiable Dependencies & Remote Code Execution (SAFE): The skill uses no external Node.js or Python packages. It relies on standard library modules (e.g., json, datetime, pathlib) and local script references.
- Privilege Escalation (SAFE): No commands requiring elevated privileges (sudo) or modifications to system files were identified.
- Persistence Mechanisms (SAFE): The skill does not attempt to create cron jobs, startup entries, or modify shell profiles.
- Indirect Prompt Injection (SAFE): While the skill processes user-inputted task descriptions, this functionality is standard for its purpose and does not include risky capability pairings like arbitrary command execution.
Audit Metadata