context-window-management
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Data Exposure & Exfiltration] (SAFE): No sensitive file paths, environment variables, or hardcoded credentials were detected. Code snippets use standard model identifiers (e.g., 'gpt-4', 'claude-3-haiku').
- [Unverifiable Dependencies] (SAFE): The skill references standard libraries like 'tiktoken' and 'anthropic' for token counting within markdown code blocks. No automated installation or remote script execution (e.g., curl | bash) is present.
- [Indirect Prompt Injection] (SAFE): The skill patterns involve processing untrusted user messages for summarization.
  - Ingestion points: User message arrays in 'references/patterns.md'.
  - Boundary markers: Some examples wrap summaries in system messages, providing a degree of structural separation.
  - Capability inventory: No dangerous tools (shell, filesystem write) are exposed; capabilities are limited to LLM completions for context management.
  - Sanitization: Not explicitly defined, but the skill's purpose is context engineering rather than untrusted data execution.
- [Obfuscation] (SAFE): No Base64 encoding, zero-width characters, or homoglyphs were found in the skill content.
Audit Metadata