viral-hooks
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Prompt Injection] (SAFE): No malicious override or bypass instructions were detected. Phrases like 'Ignore generic approaches' are context-specific instructions for the agent to prioritize the provided reference files over its general training data.
- [Data Exposure & Exfiltration] (SAFE): The skill does not access sensitive local files (~/.ssh, .env, etc.) or perform any network requests. There are no hardcoded credentials or API keys.
- [Unverifiable Dependencies & Remote Code Execution] (SAFE): No external packages (npm, pip) or remote script downloads (curl|bash) are referenced. The skill operates entirely within the provided markdown context.
- [Obfuscation] (SAFE): No Base64 encoding, zero-width characters, or other hidden content patterns were identified across any of the files.
- [Indirect Prompt Injection] (SAFE): While the skill processes user-provided content to generate hooks, it possesses no exploitable capabilities such as file writing, command execution, or network access. An injection attempt in the user's input would only affect the textual output without compromising the host system.
Audit Metadata