sensei-prune
Pass
Audited by Gen Agent Trust Hub on May 11, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: Analyzed for indirect prompt injection surface. Ingestion points: SKILL.md (user-provided code and behavior descriptions). Boundary markers: Absent. Capability inventory: No tool use or code execution capabilities identified across SKILL.md or agents/openai.yaml; instructions explicitly forbid the agent from writing refactored code and limit it to a guiding role. Sanitization: Absent. No safety bypass or extraction attempts detected.
- [DATA_EXFILTRATION]: No patterns for exfiltrating sensitive data or credentials were found. References to security-sensitive data are contextual for ensuring test coverage.
- [REMOTE_CODE_EXECUTION]: No remote script downloads or dynamic execution patterns were identified. The skill instructions prohibit the agent from generating or modifying code directly.
- [COMMAND_EXECUTION]: No shell commands or system-level operations were found in the instructions or metadata.
- [SAFE]: The skill content is purely instructional and emphasizes defensive coding practices like characterization testing and behavior preservation.
Audit Metadata