audit
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is authored by octavehq and interacts exclusively with Octave-branded MCP tools (e.g., list_all_entities, update_entity). This represents standard vendor-provided functionality for library management.
- [COMMAND_EXECUTION]: While the skill includes write capabilities (update_entity) via its interactive '--fix' mode, these operations are restricted to the Octave library context and require user interaction to trigger, aligning with the skill's primary purpose.
- [DATA_EXPOSURE]: The skill processes internal library data (personas, products, playbooks), but there is no evidence of data being transmitted to external or untrusted domains. All operations occur within the authenticated MCP environment.
- [PROMPT_INJECTION]: No patterns of prompt injection, instruction overrides, or safety filter bypasses were detected in the instructions.