api-design
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOWNO_CODE
Full Analysis
- SAFE (SAFE): No malicious patterns, obfuscation, or dangerous capabilities detected. The skill provides architectural guidelines and grounding instructions for the agent.
- NO_CODE (INFO): This skill consists entirely of markdown instructions and metadata. It does not include any Python or Node.js scripts, binaries, or package manifests, eliminating the risk of runtime code execution from this file.
- Indirect Prompt Injection (LOW): The skill identifies external grounding files (
references/patterns.md, etc.) as authoritative sources. While this creates a surface for indirect prompt injection if those files are malicious, the current skill lacks the capabilities (file-write, network access, or command execution) to exploit such an injection beyond influencing the agent's textual output.
Audit Metadata