realtime-engineer
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- SAFE (SAFE): The skill consists of technical markdown and code snippets representing architectural best practices. There is no evidence of malicious code, data exfiltration, or persistence mechanisms.- Indirect Prompt Injection (SAFE): The skill is designed to analyze user code, which represents an untrusted data ingestion surface. However, the skill lacks the necessary capabilities (such as arbitrary command execution or network access) to be exploited via this vector. Its logic is grounded in static reference files rather than untrusted inputs. Ingestion points: User-provided source code files (.js, .ts). Boundary markers: Not specified. Capability inventory: No file writing, network requests, or subprocess execution capabilities detected. Sanitization: None.
Audit Metadata