creature-design
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Prompt Injection] (SAFE): The skill uses instructional grounding (e.g., 'Ignore generic approaches if a specific pattern exists here') to ensure it follows its persona and reference documents. This is a standard design pattern and does not represent a safety bypass or malicious injection.
- [Data Exposure & Exfiltration] (SAFE): No credentials, sensitive file paths, or network functions (curl, wget) are present in the skill definition.
- [Remote Code Execution] (SAFE): The skill does not download or execute any external scripts or packages.
- [Indirect Prompt Injection] (SAFE): Although the skill references external files (references/patterns.md, etc.), it lacks the capabilities (like network access or command execution) required to make this an exploitable attack vector. The surface is limited to creative text generation.
- [Obfuscation] (SAFE): No encoded strings, hidden characters, or homoglyphs were detected in the source text.