semantic-model-builder
Pass
Audited by Gen Agent Trust Hub on Apr 29, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: No override, bypass, or instruction-hijacking patterns were detected. The prompts are focused on structured data gathering for documentation.
- [DATA_EXFILTRATION]: No network operations, hardcoded credentials, or sensitive file path accesses were identified.
- [REMOTE_CODE_EXECUTION]: No script downloads, package installations, or remote execution patterns (e.g., curl|bash) are present.
- [COMMAND_EXECUTION]: No shell commands, privilege escalation attempts, or subprocess calls were found within the instructions.
- [INDIRECT_PROMPT_INJECTION]: The skill ingests untrusted user data (SQL queries, business logic) to generate documentation. While this is an ingestion surface, the skill lacks the necessary capabilities (such as code execution or network connectivity) to be exploited as a vector for indirect injection.
Audit Metadata