account-abstraction
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW
Full Analysis
- Prompt Injection (SAFE): No instructions attempting to override agent behavior or bypass safety filters were found. The skill instructions reinforce grounding in provided reference files.
- Data Exposure & Exfiltration (SAFE): No hardcoded credentials, sensitive file paths, or unauthorized network operations were detected.
- Obfuscation (SAFE): No Base64, zero-width characters, homoglyphs, or encoded commands were identified.
- Unverifiable Dependencies & Remote Code Execution (SAFE): The skill does not download or execute external packages or scripts. Code snippets are provided for instructional purposes only.
- Privilege Escalation & Persistence (SAFE): No commands acquiring elevated permissions or attempting to maintain access across sessions were found.
- Indirect Prompt Injection (LOW): While the skill is designed to process user-provided code for review, it lacks side-effect capabilities (no file writing, no network calls, no command execution). The risk is limited to the reasoning context, and the skill explicitly instructs the agent to prioritize reference files over user input.
Audit Metadata