privacy-guardian
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [SAFE] (SAFE): No malicious instructions or security bypasses detected in the skill logic. The instructions focus on enforcing privacy-by-design principles.
- [DATA_EXPOSURE] (SAFE): The skill contains regex patterns designed to detect credentials in user code (e.g., API_KEY, SECRET). These are defensive definitions and not hardcoded credentials themselves.
- [INDIRECT_PROMPT_INJECTION] (LOW): As a code-reviewing agent, the skill has a surface for indirect prompt injection from the code it analyzes.
  - Ingestion points: User-provided source code files (.py, .js, .ts).
  - Boundary markers: None explicitly defined in the prompt structure.
  - Capability inventory: No subprocess calls, network operations, or file-writing capabilities detected in the provided files.
  - Sanitization: No explicit sanitization of input code before analysis.
- [REMOTE_CODE_EXECUTION] (SAFE): No package managers (npm, pip) or remote script execution patterns (curl | bash) were found in the skill definitions.