orbital-mechanics
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Prompt Injection] (SAFE): The instructions in
SKILL.mddirect the agent to prioritize the provided reference files for domain-specific tasks. This is standard behavior for expert skills and does not attempt to bypass safety filters or ignore system constraints. - [Data Exposure & Exfiltration] (SAFE): No hardcoded credentials, sensitive file paths (e.g., SSH keys, AWS configs), or network-related commands (curl, wget) were detected.
- [Remote Code Execution] (SAFE): The skill consists entirely of Markdown files. There are no scripts, package managers (pip, npm), or instructions to download and execute external code.
- [Indirect Prompt Injection] (SAFE): While the skill is designed to analyze user-provided data (specifically Python code as indicated in
validations.md), it lacks any 'active' capabilities like file-writing or network access that could be exploited via malicious input. - [Validations] (SAFE): The validation rules in
validations.mduse standard regular expressions to identify common engineering errors, such as missing orbital perturbations (J2) or hardcoded constants, which enhances the safety and reliability of the agent's output.
Audit Metadata