spacecraft-systems
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- Prompt Injection (SAFE): No instructions found that attempt to override AI safety filters or exfiltrate system prompts. The instructions focus on grounding responses in the provided reference files.
- Data Exposure & Exfiltration (SAFE): No hardcoded credentials, sensitive file paths, or network operations detected. The skill consists entirely of static documentation and regex patterns for validation.
- Obfuscation (SAFE): All content is in clear text markdown and YAML format. No Base64, zero-width characters, or hex escapes detected.
- Unverifiable Dependencies & Remote Code Execution (SAFE): The skill contains no scripts, package manager files (requirements.txt, package.json), or remote download commands (curl, wget).
- Privilege Escalation & Persistence (SAFE): No commands related to administrative access, service installation, or persistence mechanisms (cron, registry, shell profiles) are present.
- Indirect Prompt Injection (SAFE): While the skill processes user-provided design descriptions, it lacks any functional capabilities (file writing, network access, or command execution) that could be exploited through malicious data ingestion.
- Dynamic Execution (SAFE): No use of eval, exec, or runtime code generation. The validation patterns provided are static regular expressions intended for use by external analysis tools.