mens-mental-health
Pass
Audited by Gen Agent Trust Hub on Feb 19, 2026
Risk Level: SAFENO_CODEPROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (LOW): The skill is designed to ingest and process untrusted user data during mental health check-ins and venting sessions. Ingestion points: User-provided responses to mood, trigger, and symptom questions, as well as free-form text in the 'Vent' feature (SKILL.md). Boundary markers: Absent; there are no instructions or delimiters provided to the agent to treat user input as non-executable data. Capability inventory: None; the skill lacks any scripts, tool definitions, or binary files that could be leveraged by an attacker. Sanitization: Absent; no input validation or filtering logic is present in the provided files.
- No Executable Code (SAFE): The skill consists exclusively of markdown documentation and a metadata JSON file. No executable logic, such as Python or JavaScript files, was found, significantly reducing the security risk.
Audit Metadata