simplify
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [NO_CODE] (SAFE): The skill consists solely of markdown instructions for the AI to follow. No Python scripts, Node.js packages, or shell commands are included in the skill package.
- [Prompt Injection] (SAFE): Analysis of the markdown body and metadata reveals no attempts to override system prompts, bypass safety filters, or extract underlying instructions. The terminology used is consistent with design methodology.
- [Indirect Prompt Injection] (SAFE): Although the skill specifies that context should be gathered from the 'current thread or codebase', the risk is negligible because the skill does not possess any tools or capabilities (e.g., file-write, network access) that could be exploited by malicious data in the codebase. 1. Ingestion points: Current thread or codebase (SKILL.md). 2. Boundary markers: None present. 3. Capability inventory: None. 4. Sanitization: None.
- [Data Exposure] (SAFE): No hardcoded credentials, API keys, or sensitive file paths were detected within the skill definition.
- [Unverifiable Dependencies] (SAFE): The skill does not reference any external libraries or remote execution patterns.
Audit Metadata