community-building
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [Prompt Injection] (SAFE): No patterns of instruction override or safety bypass were detected. The skill follows legitimate instructional logic.
- [Data Exposure & Exfiltration] (SAFE): The instructions explicitly state to never request credentials or private access from the user and emphasize privacy norms. There are no network or file-system tools associated with the skill.
- [Unverifiable Dependencies & Remote Code Execution] (SAFE): The skill package consists entirely of Markdown and JSON metadata; no executable scripts, package dependencies, or remote download commands are present.
- [Indirect Prompt Injection] (LOW): The skill processes user-provided context for community building. However, since the skill lacks any computational capabilities (no tools for file-write or network operations), the surface for indirect injection is non-exploitable. Mandatory Evidence Chain: 1) Ingestion points: User input describing community goals/audience. 2) Boundary markers: None explicitly defined in text interpolation. 3) Capability inventory: No tools or executable scripts. 4) Sanitization: None.
Audit Metadata