dao-governance
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE, NO_CODE
Full Analysis
- [Prompt Injection] (SAFE): No override markers, role-play injections, or instructions to ignore safety guidelines were detected. The instructions are focused on domain-specific grounding.
- [Data Exfiltration] (SAFE): The skill does not perform network requests or access sensitive local files. There are no hardcoded credentials.
- [Remote Code Execution] (SAFE): There are no scripts, package dependencies, or commands that download or execute remote content.
- [Indirect Prompt Injection] (LOW): The skill references external files (references/patterns.md, references/sharp_edges.md, references/validations.md) as a source of truth.
- Ingestion points: Reference files in the references/ directory.
- Boundary markers: Explicit instructions to ground responses in these files and correct user conflicts.
- Capability inventory: None (no subprocess, no network, no file-write).
- Sanitization: Not applicable as no code is present to process the data beyond grounding.
- [Obfuscation] (SAFE): No encoded strings, hidden characters, or homoglyphs were found.