ICP Builder
Pass
Audited by Gen Agent Trust Hub on Feb 14, 2026
Risk Level: LOWNO_CODE
Full Analysis
- [No Code] (SAFE): The skill is composed entirely of natural language instructions in markdown and metadata. There are no executable files (.py, .js, .sh), binaries, or package dependencies identified in the skill package.
- [Indirect Prompt Injection] (INFO): The skill contains a data ingestion surface where it asks users for details about their customers. While this is a theoretical entry point for indirect prompt injection (Category 8), the skill possesses no capabilities for code execution, file system modification, or network communication, rendering the risk negligible. Evidence: 1. Ingestion points: User input responses to Step 1 questions. 2. Boundary markers: Absent. 3. Capability inventory: None (no tool calls, network access, or subprocesses). 4. Sanitization: Absent.
Audit Metadata