data-governance
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- Prompt Injection (SAFE): No attempts to override system instructions or bypass safety filters were found. The skill uses a strict reference-based grounding approach.
- Data Exposure & Exfiltration (SAFE): No hardcoded credentials or sensitive file access patterns are present. Regex patterns in the validation file are used for detecting issues in user data, not for exfiltration.
- Unverifiable Dependencies & Remote Code Execution (SAFE): The skill does not include any external package requirements or remote script execution commands.
- Indirect Prompt Injection (SAFE): While the skill is designed to analyze user-provided data (code and SQL), it lacks exploitable capabilities such as network access, file writing, or subprocess execution that would make an indirect injection high-risk.
Audit Metadata