regulatory-compliance
Pass
Audited by Gen Agent Trust Hub on Apr 23, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [SAFE]: No malicious patterns or security risks were identified. Scripts focus on local reporting and validation with proper sanitization of filenames to prevent path traversal.
- [EXTERNAL_DOWNLOADS]: The skill includes informational links to official regulatory guidance from trusted organizations such as the European Data Protection Board and the California Privacy Protection Agency.
- [PROMPT_INJECTION]: The skill presents a surface for indirect prompt injection as it processes untrusted artifacts for compliance auditing. 1. Ingestion points: Source code, DPAs, and system documentation read via tools. 2. Boundary markers: None used to separate external content from instructions. 3. Capability inventory: Local filesystem write access for report storage. 4. Sanitization: No content-level validation or filtering of assessed artifacts.
Audit Metadata