organizational-design
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE NO_CODE
Full Analysis
- Prompt Injection (SAFE): No evidence of malicious instructions or attempts to bypass agent constraints were found.
- Data Exposure & Exfiltration (SAFE): The skill does not access sensitive local files or perform any network operations. No hardcoded credentials were detected.
- Unverifiable Dependencies & Remote Code Execution (SAFE): No external packages are required, and no scripts are downloaded or executed.
- Indirect Prompt Injection (SAFE): While the skill ingests user-provided organizational data, it lacks any exploitable capabilities. Evidence:
  1. Ingestion points: User-provided org context and charters in SKILL.md.
  2. Boundary markers: Absent.
  3. Capability inventory: No network, file-system, or command execution tools detected in any referenced files.
  4. Sanitization: Absent.

  As there are no dangerous tools available to the agent, the injection surface is not exploitable.
Audit Metadata